www.newser.com Open in urlscan Pro
40.114.51.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://newser.com/
Effective URL:
https://www.newser.com/
Submission: On February 10 via manual (February 10th 2022, 2:08:56 pm UTC) from US — Scanned from DE

Summary HTTP 281 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 56 IPs in 5 countries across 47 domains to perform 281 HTTP transactions. The main IP is 40.114.51.62, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.newser.com. The Cisco Umbrella rank of the primary domain is 229558.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 1st 2022. Valid for: a year.

This is the only time www.newser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	40.114.51.62 40.114.51.62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
66	2620:1ec:bdf::44 2620:1ec:bdf::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
67	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2600:9000:225... 2600:9000:2250:9600:12:4abd:d340:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2600:9000:223... 2600:9000:223d:a800:14:2602:6e80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2.21.140.111 2.21.140.111	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	54.91.59.199 54.91.59.199	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9f11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 3	108.157.4.80 108.157.4.80	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:231... 2600:9000:2315:8800:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:3600:1a:1459:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:ce00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.175.247.53 54.175.247.53	14618 (AMAZON-AES) (AMAZON-AES)
1 5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	52.48.241.99 52.48.241.99	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
3 12	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	52.222.210.175 52.222.210.175	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	104.89.31.187 104.89.31.187	16625 (AKAMAI-AS) (AKAMAI-AS)
17 22	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:1314:397:4325:f0c1	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	3.68.148.208 3.68.148.208	16509 (AMAZON-02) (AMAZON-02)
1 1	3.122.111.84 3.122.111.84	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.69 52.222.214.69	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	54.243.106.181 54.243.106.181	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	3.227.250.215 3.227.250.215	() ()
281	56

5 40.114.51.62 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static1-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img2-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static2-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2250:9600:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:223d:a800:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.140.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-111.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.59.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9f11 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.80 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-80.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:8800:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3600:1a:1459:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

config.playwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ce00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.247.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-247-53.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.241.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-241-99.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.31.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-31-187.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 159.122.14.34 (United States) 17 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:1314:397:4325:f0c1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.148.208 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-148-208.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.111.84 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-111-84.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-69.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.106.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-106-181.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.242 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.227.250.215 (None, )

ASN- ()

kinesis.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
138	newser.com 1 redirects newser.com — Cisco Umbrella Rank: 173117 www.newser.com — Cisco Umbrella Rank: 229558 static1-azrcdn.newser.com — Cisco Umbrella Rank: 357641 static2-azrcdn.newser.com — Cisco Umbrella Rank: 399660 img2-azrcdn.newser.com — Cisco Umbrella Rank: 264494 img1-azrcdn.newser.com — Cisco Umbrella Rank: 252174	5 MB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120	184 KB
24	simpli.fi 17 redirects i.simpli.fi — Cisco Umbrella Rank: 3055 um.simpli.fi — Cisco Umbrella Rank: 691	14 KB
18	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	230 KB
13	intergi.com cdn.intergi.com — Cisco Umbrella Rank: 3017	223 KB
9	intergient.com cdn.intergient.com — Cisco Umbrella Rank: 3434	144 KB
6	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	68 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 346	111 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 www.googleapis.com — Cisco Umbrella Rank: 30	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 263	40 KB
4	exelator.com 1 redirects loadus.exelator.com — Cisco Umbrella Rank: 1160 load77.exelator.com — Cisco Umbrella Rank: 2952 loadm.exelator.com — Cisco Umbrella Rank: 891	2 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1324 m.addthis.com — Cisco Umbrella Rank: 1287	217 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 330 mb.moatads.com — Cisco Umbrella Rank: 567	77 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	2 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 236	18 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 591 syndication.twitter.com — Cisco Umbrella Rank: 840	133 KB
2	amazonaws.com kinesis.us-east-1.amazonaws.com	582 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	76 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 469	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 629	1 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 283	108 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2330	524 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 388 d.agkn.com — Cisco Umbrella Rank: 487	960 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 357	887 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 356	730 B
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 106535	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	83 KB
2	4dsply.com cdn.engine.4dsply.com — Cisco Umbrella Rank: 23245 engine.4dsply.com — Cisco Umbrella Rank: 22825	59 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 829 pixel.quantserve.com — Cisco Umbrella Rank: 374	10 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 322	274 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 288	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 6342	548 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 99	630 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 696	348 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 447	603 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1101	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1294
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6302	183 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1595	17 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1099	201 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 770	439 B
1	playwire.com config.playwire.com — Cisco Umbrella Rank: 3145	9 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1518	556 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1242	14 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3219	253 B
281	47

	Domain	Requested by
66	img1-azrcdn.newser.com	www.newser.com static1-azrcdn.newser.com
62	img2-azrcdn.newser.com	www.newser.com static1-azrcdn.newser.com
22	um.simpli.fi	17 redirects
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.newser.com tpc.googlesyndication.com 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
13	cdn.intergi.com	www.newser.com cdn.intergient.com cdn.intergi.com
9	securepubads.g.doubleclick.net	cdn.intergi.com securepubads.g.doubleclick.net www.newser.com www.googletagservices.com
9	cdn.intergient.com	www.newser.com cdn.intergient.com
7	pagead2.googlesyndication.com	newser.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	3 redirects tpc.googlesyndication.com 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.newser.com 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
4	www.gstatic.com	6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
4	c.amazon-adsystem.com	cdn.intergi.com c.amazon-adsystem.com
4	static1-azrcdn.newser.com	www.newser.com
4	fonts.googleapis.com	www.newser.com 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
3	cm.g.doubleclick.net	3 redirects
3	6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects www.newser.com
3	ssl.google-analytics.com	1 redirects www.newser.com
3	s7.addthis.com	www.newser.com s7.addthis.com
3	www.newser.com	static1-azrcdn.newser.com
2	kinesis.us-east-1.amazonaws.com	cdn.intergient.com
2	www.googletagservices.com	6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	idsync.rlcdn.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	eb2.3lift.com	1 redirects
2	rddywd.com	newser.com www.newser.com
2	z.moatads.com	s7.addthis.com cdn.intergient.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	www.newser.com connect.facebook.net
2	platform.twitter.com	static1-azrcdn.newser.com platform.twitter.com
2	i.simpli.fi	www.newser.com i.simpli.fi
2	newser.com	1 redirects www.newser.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.de
1	www.googleadservices.com	1 redirects
1	ce.lijit.com
1	stags.bluekai.com
1	sync.bfmio.com
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	secure.cdn.fastclick.net	www.newser.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	syndication.twitter.com	platform.twitter.com
1	pixel.quantserve.com	www.newser.com
1	mb.moatads.com	z.moatads.com
1	engine.4dsply.com	cdn.engine.4dsply.com
1	ping.chartbeat.net	www.newser.com
1	rules.quantcount.com	secure.quantserve.com
1	config.playwire.com	cdn.intergient.com
1	stats.g.doubleclick.net	www.newser.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	www.googleapis.com	www.newser.com
1	load77.exelator.com	www.newser.com
1	static.chartbeat.com	www.newser.com
1	cdn.engine.4dsply.com	www.newser.com
1	secure.quantserve.com	www.newser.com
1	api.ipify.org	static1-azrcdn.newser.com
1	loadus.exelator.com	www.newser.com
1	static2-azrcdn.newser.com	www.newser.com
281	69

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.microsoft.com

Subject Issuer	Validity	Valid
*.newser.com Go Daddy Secure Certificate Authority - G2	`2022-01-01` - `2023-02-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
static1-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-25` - `2022-06-25`	a year	crt.sh
static2-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-24` - `2022-06-24`	a year	crt.sh
cdn.intergient.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
cdn.intergi.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
img2-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-24` - `2022-06-24`	a year	crt.sh
img1-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-25` - `2022-06-25`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
4dsply.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-19` - `2022-02-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
1605158521.rsc.cdn77.org R3	`2021-12-22` - `2022-03-22`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-11` - `2022-07-10`	a year	crt.sh
*.playwire.com Amazon	`2021-04-12` - `2022-05-11`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
kinesis.us-east-1.amazonaws.com Amazon	`2021-12-29` - `2022-12-08`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.newser.com/
Frame ID: 0D5911A7B9386E0E0F324D0B3F00A657
Requests: 228 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9DD85334924FF0B2523052779EAC4A8A
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9DA97844E926197B80F1559B3F5EC246
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.newser.com
Frame ID: 516E097329999AB752DD79FD9397AC76
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/zrt_lookup.html
Frame ID: D7E2F67BE0472214AF545C14270966A9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.6.34/iframe/iframe.html
Frame ID: 82CEE45A1CAEE13D7374B5C35C5C9893
Requests: 2 HTTP requests in this frame

Frame: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7496C2FEE9FDF9B8E76E1AD36E2C0C39
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: 4AA835C2BD640020030091A76C2B18EE
Requests: 12 HTTP requests in this frame

Frame: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D96466D22AB169487053F93EB679535F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7D8E1AEC8F04C2D9526CBEF38993A794
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 425EC82BDC31CF54FC90B4BD4A291EFB
Requests: 2 HTTP requests in this frame

Frame: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FB9F9D99DFD321470E50F9F583D0DDB8
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A56F04638675367DA16424CCC715BC22
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 44C883C8ACC05BB60E9800A7C5DDE49A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Newser | Headline News Summaries, World News, and Breaking News

Page URL History Show full URLs

https://newser.com/ HTTP 301
https://www.newser.com/ Page URL

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

281
Requests

92 %
HTTPS

49 %
IPv6

47
Domains

69
Subdomains

56
IPs

5
Countries

6451 kB
Transfer

11083 kB
Size

67
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://itunes.apple.com/us/app/newser/id334678577?mt=8&uo=4

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newser2

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/store/apps/9NRBJ0VZQX72

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/newser/id334678577?mt=8

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://newser.com/ HTTP 301
https://www.newser.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 161

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1002041595&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*B*direct*direct*P)11(1*3!2*1*1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&utmhid=1784752289&utmr=-&utmp=%2F&utmht=1644502127719&utmac=UA-1055596-4&utmcc=__utma%3D116631449.151998209.1644502128.1644502128.1644502128.1%3B%2B__utmz%3D116631449.1644502128.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=745001356&utmredir=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=151998209.1644502128&jid=745001356&_v=5.7.2&z=1002041595

Request Chain 169

https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1644502127877&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1644502127877&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=

Request Chain 211

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=62D52269BFB54AB9B0069C1A0F3DB98F&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=62D52269BFB54AB9B0069C1A0F3DB98F&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

Request Chain 212

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=62D52269BFB54AB9B0069C1A0F3DB98F

Request Chain 213

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=62D52269BFB54AB9B0069C1A0F3DB98F HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=62D52269BFB54AB9B0069C1A0F3DB98F

Request Chain 214

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=62D52269BFB54AB9B0069C1A0F3DB98F HTTP 302
https://d.agkn.com/pixel/10751/?che=1644502130&ip=84.19.175.183&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164980904058000287221 HTTP 302
https://um.simpli.fi/aa_px?sk=164980904058000287221

Request Chain 215

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=62D52269BFB54AB9B0069C1A0F3DB98F

Request Chain 218

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=62D52269BFB54AB9B0069C1A0F3DB98F;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=62D52269BFB54AB9B0069C1A0F3DB98F;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=-6666176098133785828

Request Chain 219

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=62D52269BFB54AB9B0069C1A0F3DB98F&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=62D52269BFB54AB9B0069C1A0F3DB98F&j=0&xl8blockcheck=1

Request Chain 221

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=62D52269BFB54AB9B0069C1A0F3DB98F

Request Chain 222

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=62D52269BFB54AB9B0069C1A0F3DB98F

Request Chain 223

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=62D52269BFB54AB9B0069C1A0F3DB98F HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=62D52269BFB54AB9B0069C1A0F3DB98F

Request Chain 224

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=62D52269BFB54AB9B0069C1A0F3DB98F

Request Chain 225

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=62D52269BFB54AB9B0069C1A0F3DB98F

Request Chain 226

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1644502130666&cv=7&fst=1644502130666&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=333702157&cv=7&fst=1644502130666&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=chwFYquXNOSjx_APgvKh-Ao&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=333702157&cv=7&fst=1644502130666&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=chwFYquXNOSjx_APgvKh-Ao&cid=CAQSKQCNIrLMFK4dlu5zHPUgc-GVxr8gLtWG2wofT2y7Ss5xk2tW39aId2Kn&random=4280972360 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=333702157&cv=7&fst=1644502130666&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=chwFYquXNOSjx_APgvKh-Ao&cid=CAQSKQCNIrLMFK4dlu5zHPUgc-GVxr8gLtWG2wofT2y7Ss5xk2tW39aId2Kn&random=4280972360&ipr=y&prhg=0

Request Chain 227

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=62D52269BFB54AB9B0069C1A0F3DB98F HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=62D52269BFB54AB9B0069C1A0F3DB98F&__user_check__=1&sync_id=f9122301-8a7a-11ec-9cea-1f057aaa0206

Request Chain 228

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=62D52269BFB54AB9B0069C1A0F3DB98F HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D62D52269BFB54AB9B0069C1A0F3DB98F

Request Chain 229

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=62D52269BFB54AB9B0069C1A0F3DB98F&expires=365

Request Chain 230

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=62D52269BFB54AB9B0069C1A0F3DB98F

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEHJIOJBF4WxNNCsH7HEM1yc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=62D52269BFB54AB9B0069C1A0F3DB98F HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 247

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 274

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

281 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.newser.com/
Redirect Chain

https://newser.com/
https://www.newser.com/

258 KB
70 KB

755ms
317ms

Document
text/html

40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 18949d4a39f9b936e01ffc712f63479f00dd2b2787d1adece606bef85bcbd43e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 10 Feb 2022 14:07:46 GMT
Vary: Accept-Encoding
Scheme: https
RawURL: /
Date: Thu, 10 Feb 2022 14:08:46 GMT

Redirect headers

Location: //www.newser.com/
Scheme: https
RawURL: /
Date: Thu, 10 Feb 2022 14:08:45 GMT
Content-Length: 0

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 88ms
33ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c8e2b63593c31e87391f96f1a9b4b1c19b67966e560256a40cea1ac6c51307b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 14:08:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 14:08:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 14:08:46 GMT

GET
H2 200 stylesheet.ashx
static1-azrcdn.newser.com/stylesheets/20220201_1200/ 131 KB
19 KB 498ms
40ms Stylesheet
text/css 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/stylesheets/20220201_1200/stylesheet.ashx?file=responsive.css
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3018a5afc915e1bffa9bc4d1dcc657c56603cbebb623a4d7bc9252d3cf3c2490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
content-encoding: br
x-azure-ref-originshield: 0SQQFYgAAAAB3tygEiPiCQ6k2k0ICVgLkQU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /stylesheets/20220201_1200/stylesheet.ashx?file=responsive.css
x-azure-ref: 0bxwFYgAAAADiJfLlSiseQYQa5gev45taRlJBRURHRTEwMjIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/css; charset=utf-8
cache-control: public, max-age=2592000
scheme: https

GET
H2 200 jquery-1.12.4.min.js Show response
static1-azrcdn.newser.com/javascript/20220201_1200/ 114 KB
34 KB 546ms
88ms Script
text/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220201_1200/jquery-1.12.4.min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
content-encoding: br
last-modified: Fri, 04 Dec 2020 19:36:38 GMT
x-azure-ref-originshield: 0QAQFYgAAAAADKqGHKwg3S6Bff2d9/ypnQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAC/hrd2ww+tQYNhmFAedAgRRlJBRURHRTEwMjIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 javascript.ashx Show response
static1-azrcdn.newser.com/javascript/20220201_1200/ 209 KB
41 KB 524ms
67ms Script
text/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220201_1200/javascript.ashx?file=newser.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 297780bbdceda3c80c1d27566362ed38b771c288ccb9e420e6106b4058996ca0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
content-encoding: br
x-azure-ref-originshield: 0a98EYgAAAAA1Joid/vsTQKVcWVT0tZSqQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /javascript/20220201_1200/javascript.ashx?file=newser.js
x-azure-ref: 0bxwFYgAAAADhuHlIZKvtRb4m0aiRjtATRlJBRURHRTEwMjIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
scheme: https

GET
H2 200 modernizr-custom.js Show response
static2-azrcdn.newser.com/javascript/20220201_1200/ 2 KB
1 KB 170ms
24ms Script
text/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-azrcdn.newser.com/javascript/20220201_1200/modernizr-custom.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield: 0u98EYgAAAAB61bOJKgivQ5YkILXQQ3xdQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAACr/cYyRpWwTJC5xFVJNJdxRlJBRURHRTEwMjAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 jcarousel_min.js Show response
static1-azrcdn.newser.com/javascript/20220201_1200/ 18 KB
5 KB 24ms
22ms Script
text/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220201_1200/jcarousel_min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield: 0KI8EYgAAAACHuRneYmKKTZcfafGAFM0SQU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAAxzIkBtYzeSKHo4s0NSiDRRlJBRURHRTEwMjIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 ramp.js Show response
cdn.intergient.com/ 139 KB
43 KB 173ms
76ms Script
application/javascript 2600:9000:2250:9600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/ramp.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: cdf12080db9032976cfc9aa19395cab73b3f3598b49e1d0a6c0a75cd1ed8edc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=600, public, must-revalidate
content-encoding: br
x-amz-cf-id: 09tZpJflV1Wf4oBiLTvGm7Q0J82poE6TRFHyLgHNGbVkBL6F3r7ccw==

GET
H2 200 pwnewser.min.js Show response
cdn.intergi.com/pubscripts/newser/ 8 KB
2 KB 130ms
23ms Script
text/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/pubscripts/newser/pwnewser.min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 978f69abae4d7fa60114fcea9ee790caa3599e4aa961d630bf8204e8ceb883b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: N4oxotP37Mu.QJ88DREWNl2Vw79VR5j4
content-encoding: br
last-modified: Fri, 10 Dec 2021 17:04:07 GMT
server: AmazonS3
age: 41875
etag: W/"f3e02b370de691b7b5bb3e271dddaf32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
date: Thu, 10 Feb 2022 02:40:47 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: pdCH2VGJSaCGA75fyqUsGXUzIIs1VuBqFi216PAkvA9jYmKS7ZWdqg==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 120ms
41ms Script
application/javascript 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 10 Feb 2022 14:08:47 GMT
x-host: s7.addthis.com
content-length: 116360

GET
H2 200 Back-Arrow-Button2.png
img2-azrcdn.newser.com/images/header/ 271 B
512 B 564ms
354ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/Back-Arrow-Button2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0hfAEYgAAAABEqU/Ll+IWSqUnRUKxxrNqQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAAcwXxXDFv1RpfdR+IaWBrCRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 271

GET
H2 200 logo_white_text4.png
img1-azrcdn.newser.com/images/ 5 KB
5 KB 271ms
128ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/logo_white_text4.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Sat, 08 Aug 2020 15:47:42 GMT
x-azure-ref-originshield: 0LQQFYgAAAABjd3xlKSDsQ5csF4+H6dlVQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAADpDbhK2J9XTYBpJo+v9QNBRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5004

GET
H2 200 menu2.png
img1-azrcdn.newser.com/images/header/ 265 B
497 B 270ms
127ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/menu2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0SG8EYgAAAAAj4f4akAubRrjUioHhmTzKQU1TMDRFREdFMTkxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAADv7ZWaaYtuQqO+8YLrncIURlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 265

GET
H2 200 next-active.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 101ms
85ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/next-active.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0hfAEYgAAAAAjEOuWVVEFSr7K9+H7qTr8QU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAACezR/Qjp4WS4GzymgrDYydRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1304

GET
H2 200 next-inactive.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 102ms
85ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/next-inactive.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0I8AEYgAAAABnMy6A9IWiQYRy8lTprVtkQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAACDSdsAGFRwT60Hs/FtSChJRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1096

GET
H2 200 prev-active.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 102ms
85ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/prev-active.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0LQQFYgAAAADedkPjH887RodKTAqGgkkmQU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAAaV0eipXiHRaHPqqh3JEdiRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1295

GET
H2 200 prev-inactive.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 102ms
86ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/prev-inactive.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0SG8EYgAAAABnpkEcSphCQJHieTfiOZMvQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAABnmzUivjEjR7qnMWQS4agyRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1071

GET
H2 200 spacer.gif
img1-azrcdn.newser.com/images/ 43 B
295 B 102ms
86ms Image
image/gif 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/spacer.gif
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0dQ8FYgAAAAA3zS0uhzvkRKVVNU5R1xVZQU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAAuAKwpGld6RqDZjtDLcCP9RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 43

GET
H2 200 Suggest_Icon.png
img1-azrcdn.newser.com/images/ 723 B
977 B 103ms
86ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/Suggest_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield: 0I8AEYgAAAADIaBdc29x/T4qUCWLaMOrOQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAABBJbPb9aXXRa5AU17fsi8aRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 723

GET
H2 200 Apple.png
img1-azrcdn.newser.com/images/footer/ 511 B
718 B 103ms
86ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Apple.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0hfAEYgAAAAAES7BSnVYRT7sunM115k9KQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAADTiz3PBuopTos3qHmMikbLRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 511

GET
H2 200 Android.png
img1-azrcdn.newser.com/images/footer/ 647 B
875 B 103ms
87ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Android.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0KJUEYgAAAABwABLHa/XhTIaXcj22oNN3QU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAADlypwl3ZYDTZuTp/lmtP70RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 647

GET
H2 200 Windows.png
img1-azrcdn.newser.com/images/footer/ 573 B
788 B 103ms
87ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Windows.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0hfAEYgAAAACK+0w1FjqCTISnxl2py1Z2QU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAABgSUEWPRX4RJz8hi+XjytKRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 573

GET
H2 200 icon-72r2.png
img2-azrcdn.newser.com/images/pwa/ 2 KB
2 KB 349ms
337ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/pwa/icon-72r2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:15 GMT
x-azure-ref-originshield: 0VpUEYgAAAADnXRq8TATAT7nUECkDEKqnQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAACImaJR4HumSLkgMY8XOmVTRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2120

GET
H2 200 logo-newser-top.jpg
img2-azrcdn.newser.com/images/ 28 KB
28 KB 505ms
352ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/logo-newser-top.jpg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield: 00gMFYgAAAAD1HIt8E07RR43/hHxt4AgsQU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAABuZcp7FphnRJCno8MF9eClRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 28636

GET
H2 200 Grid_Icon.png
img2-azrcdn.newser.com/images/ 202 B
433 B 349ms
338ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/Grid_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0HRsFYgAAAAClwjmJsraIQLuuqscPvW9sQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAAKZ2lxRjWJQpuFMkmX3dCNRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 202

GET
H2 200 Popular_Icon.png
img1-azrcdn.newser.com/images/ 1005 B
1 KB 103ms
87ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/Popular_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0KecEYgAAAACxpP9lXVXDR4nFLgBpsJJ0QU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAADJtP738GNWQprdeK62oZUJRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1005

GET
H2 200 national-archives-took-back-trump-boxes-from-mar-a-lago.jpeg
img2-azrcdn.newser.com/square-image/316601-20220210075824-M/ 44 KB
44 KB 231ms
77ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316601-20220210075824-M/national-archives-took-back-trump-boxes-from-mar-a-lago.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9a79eb4b02ec5ed2db619ac01924fdb1a4582a4e03b87be63d2869b691e6fb07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0HRsFYgAAAAByrFPnLLojTYZFUKkH9Ni8QU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316601-20220210075824-M/national-archives-took-back-trump-boxes-from-mar-a-lago.jpeg
x-azure-ref: 0bxwFYgAAAACcWkBSb+W6SbUa7cpLpi6cRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45198
scheme: https

GET
H2 200 trucker-blockade-hits-auto-industry-in-us-canada.jpeg
img2-azrcdn.newser.com/square-image/316751-20220210074414-M/ 55 KB
55 KB 396ms
243ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316751-20220210074414-M/trucker-blockade-hits-auto-industry-in-us-canada.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4adb50594e4de53aa8cfc64c3101022ca2975543a0fa1cb3ac3e3aa8a12c8cf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0HRsFYgAAAACZ0BK56HFcSJwMkjBaV+kqQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316751-20220210074414-M/trucker-blockade-hits-auto-industry-in-us-canada.jpeg
x-azure-ref: 0bxwFYgAAAAAKTODwvZwSRpN5o3Wl2cpCRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 56353
scheme: https

GET
H2 200 marjorie-taylor-greene-confuses-gestapo-with-gazpacho.jpeg
img1-azrcdn.newser.com/square-image/316744-20220210065801-M/ 49 KB
49 KB 199ms
113ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316744-20220210065801-M/marjorie-taylor-greene-confuses-gestapo-with-gazpacho.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 92d5346749042e95975ac2df1c850d5d3c0ea59460abf843ca269583a2efe1d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 02wsFYgAAAAAjb+eeTE7VR5eeVdOCN2v3QU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316744-20220210065801-M/marjorie-taylor-greene-confuses-gestapo-with-gazpacho.jpeg
x-azure-ref: 0bxwFYgAAAABVRabZzS0VRZNziPITrLvwRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 49874
scheme: https

GET
H2 200 neanderthal-pompeii-upends-theories-on-replacement-by-humans.jpeg
img2-azrcdn.newser.com/square-image/316745-20220210065726-M/ 51 KB
52 KB 182ms
29ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316745-20220210065726-M/neanderthal-pompeii-upends-theories-on-replacement-by-humans.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b601706462796e8e94fbd9880f60f3c699c3d0457a4b89fb53e4ce7fd00ad3c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 02wsFYgAAAAAIae1MYzoLQadDi7AjYJ6QQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316745-20220210065726-M/neanderthal-pompeii-upends-theories-on-replacement-by-humans.jpeg
x-azure-ref: 0bxwFYgAAAAAY1ow0VuLkSYpSkgWNY5PhRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 52575
scheme: https

GET
H2 200 black-diamond-from-space-is-being-auctioned-off.jpeg
img1-azrcdn.newser.com/square-image/315758-20220210062031-M/ 37 KB
38 KB 111ms
25ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/315758-20220210062031-M/black-diamond-from-space-is-being-auctioned-off.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44311cab762ee5e31a1b18bc02afb77833e71c2f7cd3c01a65c6d5fc404cbafc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0NAQFYgAAAACBDLqmTYweT7WbKkpU0PnCQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/315758-20220210062031-M/black-diamond-from-space-is-being-auctioned-off.jpeg
x-azure-ref: 0bxwFYgAAAADxbSjHaxxbTIVXf+QQNC7iRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38177
scheme: https

GET
H2 200 palin-takes-the-stand-in-nyt-libel-case.jpeg
img2-azrcdn.newser.com/square-image/316733-20220210064214-M/ 47 KB
47 KB 317ms
164ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316733-20220210064214-M/palin-takes-the-stand-in-nyt-libel-case.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4ad26361ed07b718da2b56975ac62e57a2332807dffecaedf37a55832800acfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0LwkFYgAAAADb72OHI2oOQZBwAlNe6aB7QU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316733-20220210064214-M/palin-takes-the-stand-in-nyt-libel-case.jpeg
x-azure-ref: 0bxwFYgAAAAD0rcM5OYVcSIyTYFol1bB+RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47921
scheme: https

GET
H2 200 mcconnell-breaks-with-rnc-on-capitol-riot.jpeg
img2-azrcdn.newser.com/square-image/316685-20220210052328-M/ 44 KB
44 KB 382ms
229ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316685-20220210052328-M/mcconnell-breaks-with-rnc-on-capitol-riot.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0dc6ed5bb38d97d421b0cab891baacc5262b24d88dc0dcb61c6c3adbd3ff4527

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 08PcEYgAAAADP9CYIHiGXQLQZWmFMlIilQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316685-20220210052328-M/mcconnell-breaks-with-rnc-on-capitol-riot.jpeg
x-azure-ref: 0bxwFYgAAAAAD9yvnpORYT7zR6qa8WMc7RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44604
scheme: https

GET
H2 200 former-mlb-player-jeremy-giambi-dead-at-47.jpeg
img1-azrcdn.newser.com/square-image/316746-20220210051016-M/ 46 KB
46 KB 163ms
76ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316746-20220210051016-M/former-mlb-player-jeremy-giambi-dead-at-47.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4fb26827a4eb25267b4722f8483b4a772b2976d0c3e4b7426f68a46d3f9279e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0nPIEYgAAAACpLoul69dHS5tFC5C8/ExjQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316746-20220210051016-M/former-mlb-player-jeremy-giambi-dead-at-47.jpeg
x-azure-ref: 0bxwFYgAAAABAGNwFpg/ASJGyeUaZeFPmRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47063
scheme: https

GET
H2 200 near-perfect-skate-wins-him-the-gold.jpeg
img2-azrcdn.newser.com/square-image/316747-20220210045242-M/ 44 KB
44 KB 496ms
343ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316747-20220210045242-M/near-perfect-skate-wins-him-the-gold.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b82f9f3851248e2a1edda6d5d270a4cd369e5872a93c289d2afb500708139175

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAABCtY+pbKmQQIUM8LPBX7LEQU1TMDRFREdFMTkxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316747-20220210045242-M/near-perfect-skate-wins-him-the-gold.jpeg
x-azure-ref: 0bxwFYgAAAABkHwenTvuPTJX75++RcsAWRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45279
scheme: https

GET
H2 200 bob-sagets-cause-of-death-revealed.jpeg
img2-azrcdn.newser.com/square-image/316741-20220210044219-M/ 39 KB
40 KB 332ms
180ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316741-20220210044219-M/bob-sagets-cause-of-death-revealed.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2c0719edc0c757c9d13142d8b9f14f4b3fccbeeb7767daae9d1e7ecc7d214396

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0zg4FYgAAAACw1FD3uEscSaKZlGylTJwqQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316741-20220210044219-M/bob-sagets-cause-of-death-revealed.jpeg
x-azure-ref: 0bxwFYgAAAACh+PVSbGvmRqRqAxszfcsdRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40143
scheme: https

GET
H2 200 vague-legal-issues-delay-team-figure-skating-medals.jpeg
img1-azrcdn.newser.com/square-image/316716-20220209194438-M/ 49 KB
49 KB 177ms
91ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316716-20220209194438-M/vague-legal-issues-delay-team-figure-skating-medals.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1d2eadbbeb8f721530090eb5f13b3cf7f0135f2c98efaf8dec97b14172837d73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0hsEEYgAAAAB1R4c0j/4ERoRGFpmVaUpjQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316716-20220209194438-M/vague-legal-issues-delay-team-figure-skating-medals.jpeg
x-azure-ref: 0bxwFYgAAAAB7XiMt9vTaQYUBeSPrJ1TTRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50270
scheme: https

GET
H2 200 with-cars-back-on-the-road-insurance-rises-quickly.jpeg
img2-azrcdn.newser.com/square-image/316715-20220209215600-M/ 48 KB
48 KB 335ms
182ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316715-20220209215600-M/with-cars-back-on-the-road-insurance-rises-quickly.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b9d6f21170b1832a2bf376303d65478f8b351dfc121ca5c45484408c58720a45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAADZuSxlME7uS5gYQiU82lrDQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316715-20220209215600-M/with-cars-back-on-the-road-insurance-rises-quickly.jpeg
x-azure-ref: 0bxwFYgAAAACFM4dgHpFwRK6OJsIXjnytRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48835
scheme: https

GET
H2 200 house_grid_morning.png
img1-azrcdn.newser.com/images/ 33 KB
34 KB 203ms
118ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/house_grid_morning.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0XgoFYgAAAAD+MV8m55kwS71mJxZ6TN29QU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAADkRF+cGUZzQ7S0DpC0WJmfRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 34113

GET
H2 200 feds-accuse-2-hawaii-lawmakers-of-taking-bribes.jpeg
img2-azrcdn.newser.com/square-image/316731-20220209190815-M/ 47 KB
47 KB 390ms
237ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316731-20220209190815-M/feds-accuse-2-hawaii-lawmakers-of-taking-bribes.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 37dc1bf9b47d3bea561b7ceace460779692cbcac891974d39804ddbc51b6d5cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0uRAFYgAAAAC9P7KKTkmITb37CwqZsLiQQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316731-20220209190815-M/feds-accuse-2-hawaii-lawmakers-of-taking-bribes.jpeg
x-azure-ref: 0bxwFYgAAAAAuW+iO4tCfRqUM40oOlnwFRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47823
scheme: https

GET
H2 200 prosecutor-says-giuliani-demanded-voting-machines.jpeg
img2-azrcdn.newser.com/square-image/316729-20220209190104-M/ 37 KB
37 KB 317ms
164ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316729-20220209190104-M/prosecutor-says-giuliani-demanded-voting-machines.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 395a23dd18c7921f8e1daf626d94ce2d24a4b6db80a4a20f621f87fc2a5a8bea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0LtcEYgAAAACvdQWEBXpKSaKcPVRSLOfnQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316729-20220209190104-M/prosecutor-says-giuliani-demanded-voting-machines.jpeg
x-azure-ref: 0bxwFYgAAAAD+dL7kFSdiTrcjnE3oy5CeRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 37647
scheme: https

GET
H2 200 wildlife-group-searches-jungle-for-tiger-that-needs-help.jpeg
img2-azrcdn.newser.com/square-image/316703-20220209180345-M/ 47 KB
48 KB 267ms
115ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316703-20220209180345-M/wildlife-group-searches-jungle-for-tiger-that-needs-help.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fd14e6cb64274417ca67fa02eba570db41af0749d3db2cf5eccc997a02c813

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0h8EEYgAAAABu7ELm32IZRpv+YoDHYaNwQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316703-20220209180345-M/wildlife-group-searches-jungle-for-tiger-that-needs-help.jpeg
x-azure-ref: 0bxwFYgAAAACqG1PukWjiR4p/oKkW1xaiRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48597
scheme: https

GET
H2 200 already-a-hot-ticket-super-bowl-could-set-temperature-record.jpeg
img1-azrcdn.newser.com/square-image/316724-20220209173515-M/ 62 KB
62 KB 190ms
104ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316724-20220209173515-M/already-a-hot-ticket-super-bowl-could-set-temperature-record.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 54816aee5bac6e267870af1a3748d27f8d9875247bb84c40b018c28348cf203c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0KJUEYgAAAACaRlx/Zk7US6aAwGgO+w99QU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316724-20220209173515-M/already-a-hot-ticket-super-bowl-could-set-temperature-record.jpeg
x-azure-ref: 0bxwFYgAAAABWzGoXecEwSr1FqoUUwmtURlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 63647
scheme: https

GET
H2 200 usps-slammed-for-plan-to-replace-fleet-with-gas-guzzlers.jpeg
img1-azrcdn.newser.com/square-image/316706-20220209210311-M/ 49 KB
49 KB 171ms
84ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316706-20220209210311-M/usps-slammed-for-plan-to-replace-fleet-with-gas-guzzlers.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ffd70a3a5541b208ba50191a6ebcff5ce32e820a3350d710b94d0dcd5bdb302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0LtcEYgAAAAB4xfMw20uQToMLephPtftHQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316706-20220209210311-M/usps-slammed-for-plan-to-replace-fleet-with-gas-guzzlers.jpeg
x-azure-ref: 0bxwFYgAAAABidSPuTi5ZSZv+MUa3OGeqRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 49683
scheme: https

GET
H2 200 secret-service-whisks-second-gentleman-out-of-dc-event.jpeg
img2-azrcdn.newser.com/square-image/316681-20220209162223-M/ 50 KB
51 KB 384ms
231ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316681-20220209162223-M/secret-service-whisks-second-gentleman-out-of-dc-event.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4731b38dfa44ddce1b9287b70fec361eb89bd04b86b6bf250e097aa465f5b66f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAAA3xw86zR5mRo5FXnpS5G/DQU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316681-20220209162223-M/secret-service-whisks-second-gentleman-out-of-dc-event.jpeg
x-azure-ref: 0bxwFYgAAAADKOSTOS2q7SaTED10KhJKxRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51324
scheme: https

GET
H2 200 chipotle-jumps-101-despite-menu-price-hikes.jpeg
img1-azrcdn.newser.com/square-image/316728-20220209162815-M/ 55 KB
55 KB 150ms
63ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316728-20220209162815-M/chipotle-jumps-101-despite-menu-price-hikes.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 76d47e94f81b97aec80a56aa775f1bdd8dbc56d34e47a775bdbe0e956fdab43a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0KJUEYgAAAADbD5GmL09PSoDZetPl1ilDQU1TMDRFREdFMTkxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316728-20220209162815-M/chipotle-jumps-101-despite-menu-price-hikes.jpeg
x-azure-ref: 0bxwFYgAAAADjn5WDH/e/SZ9Na9hMLxFMRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 56021
scheme: https

GET
H2 200 fauci-were-on-the-way-out-of-full-blown-phase-of-pandemic.jpeg
img2-azrcdn.newser.com/square-image/316725-20220209154730-M/ 37 KB
37 KB 499ms
347ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316725-20220209154730-M/fauci-were-on-the-way-out-of-full-blown-phase-of-pandemic.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5b1e8cc976bca45e8dfbd20acb619fb4c0cdae37489b3013967a073464fefeef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0LtcEYgAAAADldEaQ4kF7QYZ/4DowEfpwQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316725-20220209154730-M/fauci-were-on-the-way-out-of-full-blown-phase-of-pandemic.jpeg
x-azure-ref: 0bxwFYgAAAADWcl1ytjskTLlQ5reDp2sKRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 37751
scheme: https

GET
H2 200 ex-american-idol-star-charged-with-dui-causing-death.jpeg
img2-azrcdn.newser.com/square-image/316721-20220209151430-M/ 44 KB
44 KB 497ms
344ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316721-20220209151430-M/ex-american-idol-star-charged-with-dui-causing-death.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0ba9f44ad8620e01479836ff1c5ff7a4da26357eee3867f12fbd8d8782a82daf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 09OAEYgAAAACR+bndpPyoTKgnmrkNa446QU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316721-20220209151430-M/ex-american-idol-star-charged-with-dui-causing-death.jpeg
x-azure-ref: 0bxwFYgAAAAD0DVI2BuiYQox5Wi3JjToxRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45086
scheme: https

GET
H2 200 black-woman-who-tried-to-register-to-vote-handed-6-years.jpeg
img1-azrcdn.newser.com/square-image/316660-20220209210252-M/ 47 KB
48 KB 132ms
45ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316660-20220209210252-M/black-woman-who-tried-to-register-to-vote-handed-6-years.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 744ff6254931a61a024f766c0abbcba8513222248f3799550e7a344869b32143

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0mvIEYgAAAABrVaRRu4AxTbqDnIBttYh7QU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316660-20220209210252-M/black-woman-who-tried-to-register-to-vote-handed-6-years.jpeg
x-azure-ref: 0bxwFYgAAAACBbJbb6MRtQKAXHc3LHVvORlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48445
scheme: https

GET
H2 200 4-arrested-after-100-trapped-on-san-diego-zoo-ride.jpeg
img1-azrcdn.newser.com/square-image/316344-20220209143300-M/ 39 KB
39 KB 198ms
112ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316344-20220209143300-M/4-arrested-after-100-trapped-on-san-diego-zoo-ride.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8ebe1d8db3728671f25db9305af3cd6be118740cfe1528ed5f5f0a25a7104ace

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0LwkFYgAAAAA4l1cofLC8T6RFiK5ZqfKyQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316344-20220209143300-M/4-arrested-after-100-trapped-on-san-diego-zoo-ride.jpeg
x-azure-ref: 0bxwFYgAAAADJYDFZs+BVRYm/POKD/FbtRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40021
scheme: https

GET
H2 200 house-passes-major-postal-service-overhaul.jpeg
img2-azrcdn.newser.com/square-image/316723-20220209142130-M/ 60 KB
60 KB 501ms
348ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316723-20220209142130-M/house-passes-major-postal-service-overhaul.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 50c34901c1aed81889c94ca817b50dd7103bb723548ab3df8c386b9c37356d77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0LwkFYgAAAAD2cTpry8G3T6kzAqQ66qJdQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316723-20220209142130-M/house-passes-major-postal-service-overhaul.jpeg
x-azure-ref: 0bxwFYgAAAABT8q6oOkcnSYFDe/nnEbK6RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 61422
scheme: https

GET
H2 200 house_grid_iphone.png
img2-azrcdn.newser.com/images/ 16 KB
16 KB 349ms
338ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/house_grid_iphone.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0HRsFYgAAAACUiYNhBr1wRYm2eMDFw00DQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAAA6m1XzQP1R7zXI4fo1/RQRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16207

GET
H2 200 elderly-skater-dies-after-plunging-through-ice.jpeg
img2-azrcdn.newser.com/square-image/316711-20220209140246-M/ 41 KB
41 KB 350ms
339ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316711-20220209140246-M/elderly-skater-dies-after-plunging-through-ice.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 99383a41ff60b647f0d39204cac36519e84a2b0035cf5de8dafbd6ec5acc38b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0j3oEYgAAAAAsejdaya4NRKMHFYTfiP2PQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316711-20220209140246-M/elderly-skater-dies-after-plunging-through-ice.jpeg
x-azure-ref: 0bxwFYgAAAAApeWKP2rH2T4q0QbVMeLmWRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41938
scheme: https

GET
H2 200 steven-spielberg-thought-jaws-theme-was-a-joke.jpeg
img2-azrcdn.newser.com/square-image/316717-20220209132213-M/ 36 KB
36 KB 354ms
342ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316717-20220209132213-M/steven-spielberg-thought-jaws-theme-was-a-joke.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 47c2a72a84c25a712f2b3578382819a0f10e1d9d781edc91b0b610ab49d50aa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0KJUEYgAAAACZh43ckJDDSY/Wh1+5rfT1QU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316717-20220209132213-M/steven-spielberg-thought-jaws-theme-was-a-joke.jpeg
x-azure-ref: 0bxwFYgAAAABAmMnKnZhMS7WF42N1NzWURlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 36676
scheme: https

GET
H2 200 pandemic-may-have-killed-off-one-of-britains-oldest-pubs.jpeg
img1-azrcdn.newser.com/square-image/316680-20220209130143-M/ 47 KB
48 KB 108ms
92ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316680-20220209130143-M/pandemic-may-have-killed-off-one-of-britains-oldest-pubs.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 710e557328caaf4cc6879abf110102ce8d91cddcd23a3222dde246e8f2d65b50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0LwkFYgAAAAATo0EnKWjTSrJc8mkvNHlVQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316680-20220209130143-M/pandemic-may-have-killed-off-one-of-britains-oldest-pubs.jpeg
x-azure-ref: 0bxwFYgAAAADcdbx9CFDNTZwRktgNiS0YRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48377
scheme: https

GET
H2 200 up-to-40-new-spacex-satellites-are-doomed.jpeg
img2-azrcdn.newser.com/square-image/316705-20220209123828-M/ 37 KB
37 KB 361ms
350ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316705-20220209123828-M/up-to-40-new-spacex-satellites-are-doomed.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 35492a87c4890844d74421e987420d971ead965292333dfe959060794f908c6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAAAtSTmKl53mSZ8g/xV+01SXQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316705-20220209123828-M/up-to-40-new-spacex-satellites-are-doomed.jpeg
x-azure-ref: 0bxwFYgAAAAAas+sgXUHdT5eK/g1GiDVtRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 37607
scheme: https

GET
H2 200 ny-gov-lifts-mask-mandate-for-businesses-but-not-schools.jpeg
img1-azrcdn.newser.com/square-image/316720-20220209122713-M/ 39 KB
40 KB 114ms
98ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316720-20220209122713-M/ny-gov-lifts-mask-mandate-for-businesses-but-not-schools.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fdd60a0f9993c5dca2b7018550bdb97f584e780ccf7d96e56420ad0c3afc0e85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 04OQEYgAAAABjexuSA0R6QKMVpIg/GQWPQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316720-20220209122713-M/ny-gov-lifts-mask-mandate-for-businesses-but-not-schools.jpeg
x-azure-ref: 0bxwFYgAAAABRgbATfy8sTZOXpsyXxBn2RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40413
scheme: https

GET
H2 200 women-alleges-rape-on-overnight-flight-to-london.jpeg
img1-azrcdn.newser.com/square-image/316718-20220209115758-M/ 46 KB
46 KB 118ms
102ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316718-20220209115758-M/women-alleges-rape-on-overnight-flight-to-london.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e42acb7ff244181dcbd7f7797db80465a8f70e543dc30d6b275eeef835c670d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 04OQEYgAAAABJOO2vUi96QqFFZlITK4dlQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316718-20220209115758-M/women-alleges-rape-on-overnight-flight-to-london.jpeg
x-azure-ref: 0bxwFYgAAAADxg72pXS27Tay4z+NH7WK+RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 46682
scheme: https

GET
H2 200 w-va-students-object-after-theyre-preached-to-at-school.jpeg
img2-azrcdn.newser.com/square-image/316713-20220209113813-M/ 44 KB
44 KB 365ms
354ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316713-20220209113813-M/w-va-students-object-after-theyre-preached-to-at-school.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: aa7b879b43dafa713fa3845f06645d6d5da9bf17726b2534c0b824149aa4dbad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0j3oEYgAAAAC0usqnqgOjR7p+PUIuyyr/QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316713-20220209113813-M/w-va-students-object-after-theyre-preached-to-at-school.jpeg
x-azure-ref: 0bxwFYgAAAABx/bhNxJH2SZO0TCyXzxrwRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45039
scheme: https

GET
H2 200 woman-sat-dead-in-her-home-for-2-years.jpeg
img1-azrcdn.newser.com/square-image/316714-20220209111613-M/ 51 KB
51 KB 120ms
104ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316714-20220209111613-M/woman-sat-dead-in-her-home-for-2-years.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 17ffc5c006a036e40951e7b25d58fd24fed4612ea38d3834b3cc78066bf3ec0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0HRsFYgAAAAAWW4riztwsRYgR1FxVfYyyQU1TMDRFREdFMTkxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316714-20220209111613-M/woman-sat-dead-in-her-home-for-2-years.jpeg
x-azure-ref: 0bxwFYgAAAAAzrKE0fl74QLDJzosQBJnWRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 52261
scheme: https

GET
H2 200 ex-royals-sue-italy-give-back-our-crown-jewels.jpeg
img2-azrcdn.newser.com/square-image/316707-20220209104228-M/ 35 KB
36 KB 367ms
356ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316707-20220209104228-M/ex-royals-sue-italy-give-back-our-crown-jewels.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d53d5934c2dc6626071dbc01721a80dc8717d6bcce03c6dcb544dc1ffef6937f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0LwkFYgAAAAC/WymriRkITIcVaDRN75sKQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316707-20220209104228-M/ex-royals-sue-italy-give-back-our-crown-jewels.jpeg
x-azure-ref: 0bxwFYgAAAADMPSJErZkOQLqllTAqM3oTRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 36225
scheme: https

GET
H2 200 case-of-nc-family-found-dead-in-bathtub-in-1972-solved.jpeg
img1-azrcdn.newser.com/square-image/316710-20220210044629-M/ 39 KB
39 KB 121ms
105ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316710-20220210044629-M/case-of-nc-family-found-dead-in-bathtub-in-1972-solved.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dee8d0964077ebd8e97439ceea1ac631a0a96108547f51662a0abe472058b32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0LwkFYgAAAAAuJnhympyqSYOruJZWWep8QU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316710-20220210044629-M/case-of-nc-family-found-dead-in-bathtub-in-1972-solved.jpeg
x-azure-ref: 0bxwFYgAAAACPIYtICuJESoIASQ2kIa5URlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39845
scheme: https

GET
H2 200 uc-to-pay-2436m-over-gynecologists-alleged-abuse.jpeg
img2-azrcdn.newser.com/square-image/316701-20220209100652-M/ 44 KB
44 KB 368ms
357ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316701-20220209100652-M/uc-to-pay-2436m-over-gynecologists-alleged-abuse.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 67b9b69d2de45d1755e4770fd70b05d8060e4677f2689776161c541990012184

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAAAtpJoEBJuCQ5hm/GnyRNMZQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316701-20220209100652-M/uc-to-pay-2436m-over-gynecologists-alleged-abuse.jpeg
x-azure-ref: 0bxwFYgAAAADglY+f9SASS5PEdgCsWQTARlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44736
scheme: https

GET
H2 200 friday-co-star-aj-johnson-dies.jpeg
img1-azrcdn.newser.com/square-image/311252-20220209091028-M/ 52 KB
52 KB 122ms
106ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/311252-20220209091028-M/friday-co-star-aj-johnson-dies.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c2e4d9fab5b18fb69a5b1ff202eab2de1ba21a4e98f1adfef83009f69d865992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0mvIEYgAAAADyTYiqXWErRZVziWpFJ+r7QU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/311252-20220209091028-M/friday-co-star-aj-johnson-dies.jpeg
x-azure-ref: 0bxwFYgAAAAAeQ4Gm/ZoDSKQXLPzzgFiYRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 53388
scheme: https

GET
H2 200 house_grid_rundown.png
img1-azrcdn.newser.com/images/ 5 KB
5 KB 128ms
112ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/house_grid_rundown.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0+MQEYgAAAADvF3oQcxwdQrlsE7uJkq3fQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAB0H1IIrQuJT5vocytCIVDTRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5120

GET
H2 200 oxford-suspects-mom-feared-for-her-job-after-shooting.jpeg
img1-azrcdn.newser.com/square-image/316692-20220209083458-M/ 41 KB
41 KB 132ms
117ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316692-20220209083458-M/oxford-suspects-mom-feared-for-her-job-after-shooting.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 01055ef0971fe2b7613481c4aeb7a470a12bdc12ab4dbcaaef4b3c044f30aa3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 04OQEYgAAAACFxa/0ARLoTqQSO+Bub8xBQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316692-20220209083458-M/oxford-suspects-mom-feared-for-her-job-after-shooting.jpeg
x-azure-ref: 0bxwFYgAAAACkQMhunIfLQLtGTA6g1rHqRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41926
scheme: https

GET
H2 200 scientists-created-a-mini-star-inside-of-our-machine.jpeg
img2-azrcdn.newser.com/square-image/316709-20220209081734-M/ 62 KB
62 KB 369ms
358ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316709-20220209081734-M/scientists-created-a-mini-star-inside-of-our-machine.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ec96e411c10a7ecd0c531cdc668fdd32e9591b19722367f347d718e9fc9e500

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0LtcEYgAAAABMXcadgU8dSIP28IsK+WCmQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316709-20220209081734-M/scientists-created-a-mini-star-inside-of-our-machine.jpeg
x-azure-ref: 0bxwFYgAAAADMZbcGBBEITpSj38o860kmRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 63463
scheme: https

GET
H2 200 report-chris-cuomo-wants-megyn-kelly-money-from-cnn.jpeg
img2-azrcdn.newser.com/square-image/316699-20220209075243-M/ 38 KB
38 KB 374ms
363ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316699-20220209075243-M/report-chris-cuomo-wants-megyn-kelly-money-from-cnn.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4578ad9e563dbdb7266bcec42de9bca2b47d5a22c20ded090f966cda810f07da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0j3oEYgAAAADHO+h0VOLQTo7uRYEn7Mh6QU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316699-20220209075243-M/report-chris-cuomo-wants-megyn-kelly-money-from-cnn.jpeg
x-azure-ref: 0bxwFYgAAAADyHU9SasDwSa3Nvjyera93RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38732
scheme: https

GET
H2 200 johnson-johnson-is-pausing-covid-vaccine-production.jpeg
img2-azrcdn.newser.com/square-image/316691-20220209065438-M/ 46 KB
46 KB 383ms
372ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316691-20220209065438-M/johnson-johnson-is-pausing-covid-vaccine-production.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bb277af08e236531f4a598a7ff279ebd5770ffd5f5d43d4a68b1a238920890ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 04eQEYgAAAADKmneghjkSTaGTOfY9m0D5QU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316691-20220209065438-M/johnson-johnson-is-pausing-covid-vaccine-production.jpeg
x-azure-ref: 0bxwFYgAAAADKAKBhQGdAS4IEbcrbVX1eRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 46596
scheme: https

GET
H2 200 us-first-gold-in-beijing-is-also-huge-for-lindsey-jacobellis.jpeg
img1-azrcdn.newser.com/square-image/316698-20220209065329-M/ 53 KB
54 KB 136ms
120ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316698-20220209065329-M/us-first-gold-in-beijing-is-also-huge-for-lindsey-jacobellis.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7bda06ceb6033d33431204d748885340036b36f20756876f2d06a0a309e8c9d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0mvIEYgAAAADSIMkyn2unQaej7S1JJVTVQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316698-20220209065329-M/us-first-gold-in-beijing-is-also-huge-for-lindsey-jacobellis.jpeg
x-azure-ref: 0bxwFYgAAAABT4uiS0foPSqjgA7S/dn5kRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 54605
scheme: https

GET
H2 200 stacey-abrams-sorry-about-maskless-photo.jpeg
img2-azrcdn.newser.com/square-image/316693-20220209070928-M/ 50 KB
50 KB 406ms
395ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316693-20220209070928-M/stacey-abrams-sorry-about-maskless-photo.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 84aa86ee5490f3247ae99f2cc968823f81dfb0500f6118dca036499d16ac1bd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0iMEEYgAAAADzy7TavmKnRJhUEc2Nav7lQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316693-20220209070928-M/stacey-abrams-sorry-about-maskless-photo.jpeg
x-azure-ref: 0bxwFYgAAAACPTY9KovHSTqJbDWT7Ht2TRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50972
scheme: https

GET
H2 200 amir-lockes-cousin-arrested-in-case-cops-were-investigating.jpeg
img2-azrcdn.newser.com/square-image/316687-20220209061333-M/ 54 KB
54 KB 417ms
406ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316687-20220209061333-M/amir-lockes-cousin-arrested-in-case-cops-were-investigating.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0d9a9704984f4cc30fd74f3c52b8ef597299eed14b430d20efbef27cd967e390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0LwkFYgAAAADGe9bxp30SQ7zUvXHDXEaAQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316687-20220209061333-M/amir-lockes-cousin-arrested-in-case-cops-were-investigating.jpeg
x-azure-ref: 0bxwFYgAAAABMJhq5sPLfTqPsZr0zXscXRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55304
scheme: https

GET
H2 200 mother-who-fatally-stabbed-her-4-kids-gets-life.jpeg
img1-azrcdn.newser.com/square-image/316688-20220209060241-M/ 39 KB
39 KB 146ms
130ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316688-20220209060241-M/mother-who-fatally-stabbed-her-4-kids-gets-life.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 157c6d06b46ee335d2c7f7bdcc76578b258a32030d18adadd6b2c85a31c8f4eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0HRsFYgAAAABlgQ0OH6gMQ64VoRM4Jq4cQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316688-20220209060241-M/mother-who-fatally-stabbed-her-4-kids-gets-life.jpeg
x-azure-ref: 0bxwFYgAAAAC9Eh7Fg2F9TZXERm8vhLUGRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39746
scheme: https

GET
H2 200 joe-rogan-addresses-spotify-drama-on-podcast.jpeg
img1-azrcdn.newser.com/square-image/316690-20220209063100-M/ 41 KB
41 KB 147ms
131ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316690-20220209063100-M/joe-rogan-addresses-spotify-drama-on-podcast.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5643a770f9a88db4ea5d356ae4ebaa7e31badfaaacdd396c090174b3d84c8e84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0mvIEYgAAAADlqOx/OquFQ7ukfRh6i0ixQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316690-20220209063100-M/joe-rogan-addresses-spotify-drama-on-podcast.jpeg
x-azure-ref: 0bxwFYgAAAAAs7V34hITwTInG21qnZP8TRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41525
scheme: https

GET
H2 200 nathan-chens-incredible-short-program-shatters-record.jpeg
img2-azrcdn.newser.com/square-image/316695-20220209064842-M/ 43 KB
44 KB 419ms
408ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316695-20220209064842-M/nathan-chens-incredible-short-program-shatters-record.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 185c30b8c8df4dceba339220aa4f959e85491691f57a431f37ee5ecb36f5fc52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0LtcEYgAAAADiySvdcgiCQphcqy+rjO/lQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316695-20220209064842-M/nathan-chens-incredible-short-program-shatters-record.jpeg
x-azure-ref: 0bxwFYgAAAABqqqI7h0aHQr8/FUoEVqE+RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44217
scheme: https

GET
H2 200 hyundai-kia-warn-485k-car-owners-park-outside.jpeg
img1-azrcdn.newser.com/square-image/316694-20220209054443-M/ 52 KB
53 KB 154ms
138ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316694-20220209054443-M/hyundai-kia-warn-485k-car-owners-park-outside.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1cd0ca37c6926b07d722bb7c153ed3137054ca53672f947de08edcc9cddd13b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
x-azure-ref-originshield: 0mvIEYgAAAAC0qr5NhaNCSJ9ixYKfLzToQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316694-20220209054443-M/hyundai-kia-warn-485k-car-owners-park-outside.jpeg
x-azure-ref: 0bxwFYgAAAAAwnLyoq+hERpRff8psLiIZRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 53637
scheme: https

GET
H2 200 lawsuit-sequels-release-has-hurt-entire-matrix-franchise.jpeg
img2-azrcdn.newser.com/square-image/316663-20220209055304-M/ 42 KB
43 KB 421ms
410ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316663-20220209055304-M/lawsuit-sequels-release-has-hurt-entire-matrix-franchise.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f26f3eeb486923290a6185ee718db5aa71e45f02b5d1de24f3027ceab65e9bd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0iMEEYgAAAAD0zDZKcM4QQaDICBuW1fslQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316663-20220209055304-M/lawsuit-sequels-release-has-hurt-entire-matrix-franchise.jpeg
x-azure-ref: 0bxwFYgAAAAArhpuZ/FRNTIp73DiAmk0VRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43263
scheme: https

GET
H2 200 / Show response
loadus.exelator.com/load/ 124 B
506 B 169ms
63ms Script
application/x-javascript 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loadus.exelator.com/load/?p=320&g=001&c=700151&ctg=home&subctg=&ag=&gd=
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: 1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
content-type: application/x-javascript;charset=UTF-8
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 100ms
29ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 10 Feb 2022 14:08:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3095
x-request-id: FtJx-M4_Svq5gp-hKpVB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 abp.png
img2-azrcdn.newser.com/images/ 2 KB
2 KB 425ms
414ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/abp.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield: 0LQQFYgAAAADhSMVZONN9R6ioDhfTBOrHQU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAC1y2wFn89AS7F+KNkti9/5RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1639

GET
H2 200 ubo.png
img2-azrcdn.newser.com/images/ 2 KB
2 KB 425ms
414ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/ubo.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield: 0LQQFYgAAAAALsbRnRPvqQYGODD96XPwPQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAACCygJTQaOXS5Nu26kwwO6yRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1613

GET
H2 200 ghostery.png
img1-azrcdn.newser.com/images/ 2 KB
2 KB 159ms
143ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/ghostery.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0SG8EYgAAAAAFlj+4kPTlR5UgvbWVuxAwQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAACN83ItLDaSTo8aE7pJ1jvFRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1612

GET
H/1.1 200
OK kbhhrvCB.js Show response
newser.com/ED41_Jt/dSkYOXb/RhjLGBJnEp/ 13 KB
6 KB 225ms
225ms Script
text/javascript 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://newser.com/ED41_Jt/dSkYOXb/RhjLGBJnEp/kbhhrvCB.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: afa332c79548bd91db4149e3f235abd7e13cbb4411b9144bc5d7050202193551

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 14:08:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
X-Tornado: yes
Content-Length: 5732

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 106ms
19ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220201_1200/javascript.ashx?file=newser.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: 1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 14:08:47 GMT
Content-Encoding: gzip
Age: 188
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29179
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 20:03:56 GMT
Server: ECS (frb/67E2)
Etag: "94840c3a0697481258cd2b28513e7509+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
253 B 368ms
132ms XHR
application/json 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220201_1200/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-59-199.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: c99190b8d37e8fb2b6324eb7d320bec6dfcadba4114ce999c2d9bbc9cad16180

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newser.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 14:08:47 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newser.com
Connection: keep-alive
Content-Length: 22

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 89ms
22ms Script
text/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3647
date: Thu, 10 Feb 2022 13:08:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 10 Feb 2022 15:08:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 111ms
32ms Script
application/javascript 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 17 Feb 2022 14:08:47 GMT

GET
H2 200 infinity.js.aspx Show response
cdn.engine.4dsply.com/Scripts/ 180 KB
57 KB 205ms
83ms Script
application/x-javascript 2606:4700::6810:9f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7dd797ef6ce230e9bb19efbfe63a5dcee0e08a00cd6c7b75a151e8ac3de98816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 333
x-powered-by: ASP.NET
p3p: CP="CAO PSA OUR IND"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Feb 2022 14:03:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=900
cf-ray: 6db5e959986191fc-FRA
expires: Thu, 10 Feb 2022 14:23:47 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 103ms
43ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd3f891740402d04ebd073342a387646ab222d64c56f153096343e63a5b181f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DzMurBKybL6KISuelXBSNg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 10 Feb 2022 14:28:04 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: AmiLTwg++xsYpDWHCfSpgkq2jzf56CMb9NgI9C5kqA0dWjslEvc0h/2zBx7hdWxVpuqU2VilpSgaogqn+PUf4Q==
x-fb-trip-id: 2050670934
x-fb-content-md5: b77a920597a711167c6e06c8ba26afcb
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 10 Feb 2022 14:08:47 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "66a2f5475fed135d3b8b6ce0bbd845d0"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 newsern2.png
img2-azrcdn.newser.com/images/header/ 782 B
998 B 213ms
26ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/newsern2.png
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220201_1200/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0MgQFYgAAAABIdhvh6cr0RoHNC6Ts1vC6QU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAADf2awrGkzoQ4AKKPnvEYYFRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 782

GET
H2 200 triangle_white_down.svg
img1-azrcdn.newser.com/images/header/ 618 B
840 B 144ms
24ms Image
image/svg+xml 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/triangle_white_down.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220201_1200/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0UuMEYgAAAABa6ekakKzmQ5VQr5cnYB5QQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAADHcyX628OXQYkCJxE38deDRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 618

GET
H2 200 user_white.svg
img2-azrcdn.newser.com/images/header/ 1 KB
948 B 212ms
26ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/user_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220201_1200/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0hfAEYgAAAABQb71klfc0QrDq3Pnz93CuQU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAABvy97MeGB/QrZBqFUQqC8vRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 search_white.svg
img2-azrcdn.newser.com/images/header/ 916 B
1 KB 254ms
67ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/search_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220201_1200/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0VpUEYgAAAAD+Y9U+BNi3QpLechQSxSyGQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAAlnW/XmS/jQpaT2FfGHb/VRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 916

GET
H2 200 info-white.png
img2-azrcdn.newser.com/images/header/ 433 B
642 B 214ms
27ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/info-white.png
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220201_1200/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0cxEFYgAAAABiuDfacolaQplNfHHa3gR/QU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAABNDgNMcoOQT6+SskR/GxFiRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 433

GET
H2 200 settings2-white.jpg
img1-azrcdn.newser.com/images/header/ 1 KB
2 KB 141ms
21ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/settings2-white.jpg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220201_1200/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0MgQFYgAAAAAreH+FG2ZSTpMlk2mMqKvSQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAADXafz8MzRGSIAo3pm2agX4RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1244

GET
H2 200 newsletter_white.svg
img2-azrcdn.newser.com/images/header/ 912 B
1 KB 213ms
26ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/newsletter_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220201_1200/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0oNUEYgAAAACsrQ5FNbyBRZ4S4mecXPpXQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAB+uG8vhQidSKKMl2pvIWvVRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 912

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 87ms
26ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 72748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 17:56:19 GMT

GET
H2 200 calendar_close.png
img1-azrcdn.newser.com/images/ 303 B
559 B 157ms
144ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/calendar_close.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield: 0hfAEYgAAAADcVcbyEz1eT4pBkE7cVKk7QU1TMDRFREdFMTkxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAAD+JF5YJ20QT4y4+FP3ayTXRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 303

GET
H2 200 left_month.png
img1-azrcdn.newser.com/images/ 274 B
508 B 158ms
144ms Image
image/png 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/left_month.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:46 GMT
last-modified: Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield: 0KpUEYgAAAAAtxB4qZOXwQKy08QQzc+19QU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAADvrDrlQDG5RoupvSp9+KUkRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 274

GET
H2 200 right_month.png
img2-azrcdn.newser.com/images/ 259 B
493 B 425ms
414ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/right_month.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0hfAEYgAAAAAjDi+w432NQYa+eunmE+8jQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0bxwFYgAAAACACEikqZFwRbZvn1q+Lqo3RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 259

GET
H/1.1 200
OK controlpage.aspx Show response
www.newser.com/ 83 KB
14 KB 183ms
182ms XHR
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=2/10/2022%208:08:46%20AM&firststorypubdate=2/10/2022%207:58:20%20AM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220201_1200/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 41a8a336d2c79e9dde32f5a589309d17a0844bacb6b5b2d740ca4e42ee2b4f4b

Request headers

Accept: text/html
Referer: https://www.newser.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 14:08:47 GMT
Content-Encoding: gzip
max-age: 0
RawURL: /controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=2/10/2022%208:08:46%20AM&firststorypubdate=2/10/2022%207:58:20%20AM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Length: 13084
Scheme: https

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 104ms
40ms Script
application/javascript 108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-80.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 05:51:51 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 29820
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: o6nJzsH03O1Q1Qozw79_iGjQ4R1uHjNBS_Dq0PHYc-sm-tSB5t4iIg==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 159ms
40ms Script
application/x-javascript 2600:9000:2315:8800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:8800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 12:27:20 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 6087
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: zEcIuGUd1zlhcrAVLK-dnHHFKYn97pyhOy1twqh8m2L02DLTuI4Anw==
expires: Thu, 10 Feb 2022 14:27:20 GMT

GET
H2 200 pixel.gif
load77.exelator.com/ 43 B
333 B 156ms
39ms Image
image/gif 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-nzt: AcO1ry8miiH/sw8IAA==
x-accel-expires: @1645010620
date: Thu, 10 Feb 2022 14:08:47 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: LD6a41PSr30=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 528307
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 139ms
55ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=17856
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 trevor-bauer-wont-play-this-season.jpeg
img2-azrcdn.newser.com/square-image/310913-20220208192603-M/ 42 KB
42 KB 373ms
360ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/310913-20220208192603-M/trevor-bauer-wont-play-this-season.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c996a2172ff025b38c72d8b88c97f1f15a2708ca05a4651244285e965c4d913c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 04eQEYgAAAABSsXNmhbdHQpkPEMXKBOdWQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/310913-20220208192603-M/trevor-bauer-wont-play-this-season.jpeg
x-azure-ref: 0bxwFYgAAAADfkfgF/j04Q4704Z56qRZHRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 42754
scheme: https

GET
H2 200 omicron-found-in-wild-nyc-deer.jpeg
img2-azrcdn.newser.com/square-image/316677-20220208184129-M/ 41 KB
41 KB 383ms
370ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316677-20220208184129-M/omicron-found-in-wild-nyc-deer.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f24d5ceab16df0ebe74b3ea625052977a5835f6a85d978a6276905392937ee42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 04eQEYgAAAACmSZadOwTUQa1m2VVJ1/KvQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316677-20220208184129-M/omicron-found-in-wild-nyc-deer.jpeg
x-azure-ref: 0bxwFYgAAAACO3twkiz98TKaLI0TckEmMRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 42128
scheme: https

GET
H2 200 record-31m-americans-to-bet-on-super-bowl.jpeg
img1-azrcdn.newser.com/square-image/316654-20220208181214-M/ 51 KB
51 KB 109ms
97ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316654-20220208181214-M/record-31m-americans-to-bet-on-super-bowl.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9a2f10dd2b10c4b801576563a39f54921f00ab8467844ff8ca0247745049350d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 05NUEYgAAAACqyNdnj+I6RJJ04XVnWiE0QU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316654-20220208181214-M/record-31m-americans-to-bet-on-super-bowl.jpeg
x-azure-ref: 0bxwFYgAAAADPNjCbT1UBSIy5kjB6+E5oRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51865
scheme: https

GET
H2 200 2-inmates-dead-after-tennessee-jailbreak.jpeg
img1-azrcdn.newser.com/square-image/316686-20220208172244-M/ 36 KB
37 KB 62ms
50ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316686-20220208172244-M/2-inmates-dead-after-tennessee-jailbreak.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a0b3e026c45205f24a8833bd01ec72b93ee872afaeed807675d9a6bac10c2ee5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0uhAFYgAAAACPHaSxsp+uSpLH9gzagMogQU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316686-20220208172244-M/2-inmates-dead-after-tennessee-jailbreak.jpeg
x-azure-ref: 0bxwFYgAAAADEQYVdWxipQZpEh3g0sCoxRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 37177
scheme: https

GET
H2 200 they-were-training-for-the-iditarod-then-an-attack.jpeg
img1-azrcdn.newser.com/square-image/316664-20220208213137-M/ 50 KB
50 KB 57ms
44ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316664-20220208213137-M/they-were-training-for-the-iditarod-then-an-attack.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1f83c6e52f7fb3a2096f808d8c40707450718934e76babd06b406d60447c6285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0j3oEYgAAAAAvlQD7frYzSqZZ31fVTg4OQU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316664-20220208213137-M/they-were-training-for-the-iditarod-then-an-attack.jpeg
x-azure-ref: 0bxwFYgAAAADSNVk35zm5QZG434GxNJ9jRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51321
scheme: https

GET
H2 200 indonesia-seeks-brave-soul-to-free-crocodile-from-tire.jpeg
img2-azrcdn.newser.com/square-image/286347-20220208163229-M/ 47 KB
47 KB 387ms
375ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/286347-20220208163229-M/indonesia-seeks-brave-soul-to-free-crocodile-from-tire.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 610b5867b25349d5a425713f4dcd8e8517419d12eaecf8019135ab7c47dbd249

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0KOcEYgAAAAA+98jwfPibQ7xUYRILCwT5QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/286347-20220208163229-M/indonesia-seeks-brave-soul-to-free-crocodile-from-tire.jpeg
x-azure-ref: 0bxwFYgAAAAAW3VQJOlDzQ4OUc6qIrddrRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48243
scheme: https

GET
H2 200 markets-bounce-back-from-monday-losses.jpeg
img1-azrcdn.newser.com/square-image/316684-20220208163129-M/ 53 KB
53 KB 85ms
73ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316684-20220208163129-M/markets-bounce-back-from-monday-losses.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c001e6bdc104571f38cf9dad95263033fa4faab363f28a030d9de2a362ca22ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0KecEYgAAAADUkBIuM48fQ5wU9gAGt3SGQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316684-20220208163129-M/markets-bounce-back-from-monday-losses.jpeg
x-azure-ref: 0bxwFYgAAAACjPaLB9VPhQaLvCcjhJ/WPRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 54322
scheme: https

GET
H2 200 hired-to-protect-fsus-rare-books-he-allegedly-stole-5k.jpeg
img1-azrcdn.newser.com/square-image/316658-20220208154729-M/ 49 KB
49 KB 58ms
46ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316658-20220208154729-M/hired-to-protect-fsus-rare-books-he-allegedly-stole-5k.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c21ff3192471bf1d4f68708aac54eaf59463429acf1906a544cf3c12702e6edc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAACYoGhkRS4KRLvVCffF8RBSQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316658-20220208154729-M/hired-to-protect-fsus-rare-books-he-allegedly-stole-5k.jpeg
x-azure-ref: 0bxwFYgAAAACkwC/U91cWTY2yxaE8KuLARlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50300
scheme: https

GET
H2 200 feds-seize-mind-boggling-sum-after-crypto-hack.jpeg
img1-azrcdn.newser.com/square-image/316674-20220208193455-M/ 47 KB
47 KB 66ms
54ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316674-20220208193455-M/feds-seize-mind-boggling-sum-after-crypto-hack.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 487d497fea7fd79be4e6487ea5a363a9212cd57a0cd05db7821dee613fa2566b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0dQ8FYgAAAABMWM/DPf63T4AajVTWcMxcQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316674-20220208193455-M/feds-seize-mind-boggling-sum-after-crypto-hack.jpeg
x-azure-ref: 0bxwFYgAAAADWC7xs/N/FSYAIFYjbAMQPRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48077
scheme: https

GET
H2 200 olympic-fury-they-destroyed-womens-ski-jumping.jpeg
img2-azrcdn.newser.com/square-image/316673-20220208144714-M/ 45 KB
45 KB 395ms
383ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316673-20220208144714-M/olympic-fury-they-destroyed-womens-ski-jumping.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a06fb4abe16babaaeadb861c94d91f0ef01155bf0968f05eff8cb473655dbc53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0KecEYgAAAABnPTFP/qPoQLMhDAhhiEsgQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316673-20220208144714-M/olympic-fury-they-destroyed-womens-ski-jumping.jpeg
x-azure-ref: 0bxwFYgAAAACZ/lX7zUklR6E6PQUg5lLXRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45793
scheme: https

GET
H2 200 you-may-not-like-it-deal-with-it-my-gorgeous.jpeg
img1-azrcdn.newser.com/square-image/316676-20220208140514-M/ 47 KB
47 KB 70ms
59ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316676-20220208140514-M/you-may-not-like-it-deal-with-it-my-gorgeous.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a5ebbcbf3ef436203733d88eae3d7dbfcb95fe4e7738753e41d025b4423b8209

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAABnDOvVPiKwQbZrAUlK5xJQQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316676-20220208140514-M/you-may-not-like-it-deal-with-it-my-gorgeous.jpeg
x-azure-ref: 0bxwFYgAAAABuBMbRcLtaTrvMnwlK0rB4RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47922
scheme: https

GET
H2 200 benedict-seeks-forgiveness-over-handling-of-abuse-cases.jpeg
img2-azrcdn.newser.com/square-image/316659-20220208134229-M/ 35 KB
35 KB 399ms
388ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316659-20220208134229-M/benedict-seeks-forgiveness-over-handling-of-abuse-cases.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e7644b97cd15d541ee8efdddbed25a37fd42fc7cd93ac63b12eed0769d09ab2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0dQ8FYgAAAADo6OREFadXQZHt22ulwuLYQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316659-20220208134229-M/benedict-seeks-forgiveness-over-handling-of-abuse-cases.jpeg
x-azure-ref: 0bxwFYgAAAABDxc92MZOMRrXoaU/SsiarRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 35672
scheme: https

GET
H2 200 city-will-dismantle-historic-bridge-to-let-bezos-yacht-through.jpeg
img1-azrcdn.newser.com/square-image/316448-20220208125744-M/ 51 KB
52 KB 137ms
126ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316448-20220208125744-M/city-will-dismantle-historic-bridge-to-let-bezos-yacht-through.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5d6ca91a73c6e81f9f19a486b78453f604129c5d0578ba4f5001bad2c5f92b4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0dQ8FYgAAAAA6M658A96XR7yAPP6OshtMQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316448-20220208125744-M/city-will-dismantle-historic-bridge-to-let-bezos-yacht-through.jpeg
x-azure-ref: 0bxwFYgAAAAACwe/7bq4YTrHej91lp/AKRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 52671
scheme: https

GET
H2 200 this-years-oscar-snubs.jpeg
img1-azrcdn.newser.com/square-image/316672-20220208123659-M/ 48 KB
48 KB 85ms
74ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316672-20220208123659-M/this-years-oscar-snubs.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e867f87111f65396a5f4b097ad0e96f24add74dae047836d1ac1a2eb02c83f55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0KecEYgAAAACA3YLrLpiARoPUEhEY1RbBQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316672-20220208123659-M/this-years-oscar-snubs.jpeg
x-azure-ref: 0bxwFYgAAAACZVhm4lk+GTqHVfDhqatT5RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48889
scheme: https

GET
H2 200 skateboarder-of-youtube-fame-dies-in-plane-crash.jpeg
img2-azrcdn.newser.com/square-image/316669-20220208121414-M/ 46 KB
46 KB 404ms
393ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316669-20220208121414-M/skateboarder-of-youtube-fame-dies-in-plane-crash.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9a7070750fc92774e2f5034558dea06e661b18a9cd1d35274c3dfbf60a381312

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0HhsFYgAAAADkNt7lAOXSTbj0HNaK7QtNQU1TMDRFREdFMTgxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316669-20220208121414-M/skateboarder-of-youtube-fame-dies-in-plane-crash.jpeg
x-azure-ref: 0bxwFYgAAAABvFU1faqi9Q4X9uUD9GBYkRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 46617
scheme: https

GET
H2 200 new-zealand-has-a-freedom-convoy-too.jpeg
img2-azrcdn.newser.com/square-image/316671-20220208115429-M/ 61 KB
62 KB 416ms
405ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316671-20220208115429-M/new-zealand-has-a-freedom-convoy-too.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a15c1fbe65bd22ff2b95aa7554e66a252abd68e3956432a76c07cef01fbf05dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0j3oEYgAAAABrMo81A5iyS72vveL8G4IXQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316671-20220208115429-M/new-zealand-has-a-freedom-convoy-too.jpeg
x-azure-ref: 0bxwFYgAAAABe1EQEyTwXQrZkPxgKAWgSRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 62957
scheme: https

GET
H2 200 only-humans-were-known-to-do-this-until-now.jpeg
img2-azrcdn.newser.com/square-image/316641-20220209115127-M/ 59 KB
59 KB 434ms
423ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316641-20220209115127-M/only-humans-were-known-to-do-this-until-now.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5f83759101de21742ea86e44aee05aeb189f7c03393f3b9a09d7cf4155772512

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0KpUEYgAAAACfPTL7GrtuT7AFnwGIXbCNQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316641-20220209115127-M/only-humans-were-known-to-do-this-until-now.jpeg
x-azure-ref: 0bxwFYgAAAAByzqQ8boPZTagVu+iDklYkRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 60576
scheme: https

GET
H2 200 judge-air-force-was-60-responsible-for-mass-shooting.jpeg
img1-azrcdn.newser.com/square-image/308286-20220209011035-M/ 45 KB
45 KB 143ms
132ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/308286-20220209011035-M/judge-air-force-was-60-responsible-for-mass-shooting.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1dffd76afd4bbbb8e0bd53d68b19afd5d9baa3ec80151664427f3a06ed5822f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 05dUEYgAAAAAnoXPN3jA2T6h2ove1g0VdQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/308286-20220209011035-M/judge-air-force-was-60-responsible-for-mass-shooting.jpeg
x-azure-ref: 0bxwFYgAAAACCorBIu1NPT7q52jyrlVM6RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45824
scheme: https

GET
H2 200 gop-censured-2-of-its-own-and-a-backlash-is-growing.jpeg
img1-azrcdn.newser.com/square-image/316648-20220208103214-M/ 49 KB
49 KB 147ms
137ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316648-20220208103214-M/gop-censured-2-of-its-own-and-a-backlash-is-growing.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e5f99c73f77e7e856dbde649c3c238695d2cba750eb5eddf39e659f4bbd74cae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0+MQEYgAAAACzs2hRbIv5Qr5hkjJORqMfQU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316648-20220208103214-M/gop-censured-2-of-its-own-and-a-backlash-is-growing.jpeg
x-azure-ref: 0bxwFYgAAAABl4u+nNzP8RJ2ElYL4Dlt/RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50077
scheme: https

GET
H2 200 gambling-nun-who-stole-835k-is-very-remorseful.jpeg
img1-azrcdn.newser.com/square-image/307210-20220208101244-M/ 54 KB
54 KB 151ms
141ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307210-20220208101244-M/gambling-nun-who-stole-835k-is-very-remorseful.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ee315c1f301201947e15894061ed8c938cf9fbbc9e579051ffbf38d20dcc1514

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0MAkFYgAAAAA8wQLY6Y5zTKA9D2rEbofgQU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307210-20220208101244-M/gambling-nun-who-stole-835k-is-very-remorseful.jpeg
x-azure-ref: 0bxwFYgAAAACkCEW+6NoKR4pCj8yZ/3t4RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55318
scheme: https

GET
H2 200 peloton-ceo-whod-hoped-to-disrupt-industry-stepping-down.jpeg
img2-azrcdn.newser.com/square-image/316655-20220208095214-M/ 40 KB
40 KB 438ms
428ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316655-20220208095214-M/peloton-ceo-whod-hoped-to-disrupt-industry-stepping-down.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 78e713d61e23a0c14f9db06d281b5a27b90e00a33080a80e56451f27ecbc87cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0j3oEYgAAAAB0NSU0lxnwSLcBTY9CFzO2QU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316655-20220208095214-M/peloton-ceo-whod-hoped-to-disrupt-industry-stepping-down.jpeg
x-azure-ref: 0bxwFYgAAAAAWUZBKyaNHQJYLY9siPYPCRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40984
scheme: https

GET
H2 200 leslie-jones-might-end-much-loved-olympics-commentary.jpeg
img2-azrcdn.newser.com/square-image/316619-20220208090724-M/ 38 KB
38 KB 449ms
439ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316619-20220208090724-M/leslie-jones-might-end-much-loved-olympics-commentary.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6018c5f742fe70dee691aa0c4d3e9c3e55d2afc7198132e40d5f5ee1d082b674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAABhKaO6TH6gT5bFkR8YgIgJQU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316619-20220208090724-M/leslie-jones-might-end-much-loved-olympics-commentary.jpeg
x-azure-ref: 0bxwFYgAAAACi98K+rZkdRYxVBO3SjDPuRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38621
scheme: https

GET
H2 200 in-return-to-jobs-a-huge-gender-gap.jpeg
img1-azrcdn.newser.com/square-image/316652-20220208085729-M/ 42 KB
42 KB 73ms
63ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316652-20220208085729-M/in-return-to-jobs-a-huge-gender-gap.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8719e20ffd509f93b8152944bdca492f4374157f581945e5f1d8669e4bc5583d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAAB+Upv1r538S7TpkUC+9voNQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316652-20220208085729-M/in-return-to-jobs-a-huge-gender-gap.jpeg
x-azure-ref: 0bxwFYgAAAABjCxlC5VH7RY9bzIPAjbKORlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 42912
scheme: https

GET
H2 200 here-are-your-oscar-nominations.jpeg
img1-azrcdn.newser.com/square-image/316666-20220208094808-M/ 42 KB
43 KB 122ms
112ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316666-20220208094808-M/here-are-your-oscar-nominations.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8bb173f860cbb01cec39cc694d74849f6421fc288a7962c9be29fefa76a58a2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAADU7qzibuY5Ro66rAUhz0J7QU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316666-20220208094808-M/here-are-your-oscar-nominations.jpeg
x-azure-ref: 0bxwFYgAAAAA2e5O84nu8SqsfcrjsnRXARlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43388
scheme: https

GET
H2 200 a-week-into-retirement-brady-has-3-cryptic-words.jpeg
img1-azrcdn.newser.com/square-image/316650-20220208080814-M/ 41 KB
41 KB 132ms
122ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316650-20220208080814-M/a-week-into-retirement-brady-has-3-cryptic-words.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 855f1ce0e81fa24e05ffbc5193f6c2fd3716819078d9b64684ddd4cd6e95a53a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0HhsFYgAAAAD1agRz99T0R4rlKjM+C2RQQU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316650-20220208080814-M/a-week-into-retirement-brady-has-3-cryptic-words.jpeg
x-azure-ref: 0bxwFYgAAAABZxnwu3HUCS7FI3Dcw/G6cRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41555
scheme: https

GET
H2 200 journalist-isnt-so-sure-all-is-ok-with-peng-shuai.jpeg
img2-azrcdn.newser.com/square-image/316653-20220208081214-M/ 43 KB
43 KB 450ms
440ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316653-20220208081214-M/journalist-isnt-so-sure-all-is-ok-with-peng-shuai.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 03f63118e0ab22bf9737008e152baed9725ceff2aa0bb9a0f28d66c0ede24541

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0j3oEYgAAAABSNExeQKolQa1xVK49IBp/QU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316653-20220208081214-M/journalist-isnt-so-sure-all-is-ok-with-peng-shuai.jpeg
x-azure-ref: 0bxwFYgAAAADSo9lJ1NC2SrK0KRO5s+76RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43936
scheme: https

GET
H2 200 neil-young-has-a-word-of-advice-for-spotify-workers.jpeg
img2-azrcdn.newser.com/square-image/316647-20220208073859-M/ 37 KB
37 KB 460ms
451ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316647-20220208073859-M/neil-young-has-a-word-of-advice-for-spotify-workers.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7247d1d894b849557fe28092ea33c57e473989376a7837c347e151204d210d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAABbYSmjIMu8Q65phIMNIfALQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316647-20220208073859-M/neil-young-has-a-word-of-advice-for-spotify-workers.jpeg
x-azure-ref: 0bxwFYgAAAADIYvgzH4hsT5pLHwbuVb+RRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 37924
scheme: https

GET
H2 200 eileen-gu-is-a-golden-girl.jpeg
img1-azrcdn.newser.com/square-image/316646-20220208064629-M/ 47 KB
47 KB 644ms
635ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316646-20220208064629-M/eileen-gu-is-a-golden-girl.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6adac3e6cebe62d0e7c72beb62adb76c392b32b4b650294c770f8141899529f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0dg8FYgAAAADr5inUPTWHSJj1UuR0ghNkQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316646-20220208064629-M/eileen-gu-is-a-golden-girl.jpeg
x-azure-ref: 0bxwFYgAAAABHexrsl4BvRITnavOSwiu1RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48193
scheme: https

GET
H2 200 judge-to-truckers-in-canada-stop-honking.jpeg
img1-azrcdn.newser.com/square-image/316638-20220208055914-M/ 60 KB
60 KB 126ms
117ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316638-20220208055914-M/judge-to-truckers-in-canada-stop-honking.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a46565f75fd51d361f1f30b6296e1f259a7dbeef6ef7f5ab7b87f72512d8fea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0MAkFYgAAAAD621HsbFUNSYKN7CmdTAiRQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316638-20220208055914-M/judge-to-truckers-in-canada-stop-honking.jpeg
x-azure-ref: 0bxwFYgAAAABKo1GUdh5gQpaau6/+a9M5RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 61006
scheme: https

GET
H2 200 dozens-of-dead-turtles-are-washing-up-on-this-beach.jpeg
img1-azrcdn.newser.com/square-image/316644-20220208055129-M/ 45 KB
45 KB 649ms
640ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316644-20220208055129-M/dozens-of-dead-turtles-are-washing-up-on-this-beach.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c85f418b58dc4db60034c36fefb465140df4a1bc710fcf1699772786550fa623

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0MAkFYgAAAABXfvJMwxncSKoMiSxOyqaTQU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316644-20220208055129-M/dozens-of-dead-turtles-are-washing-up-on-this-beach.jpeg
x-azure-ref: 0bxwFYgAAAABdK7JmxiezR56n+bQbDN7xRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45899
scheme: https

GET
H2 200 florida-cops-no-title-could-explain-this-case.jpeg
img1-azrcdn.newser.com/square-image/316628-20220208050638-M/ 46 KB
46 KB 651ms
642ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316628-20220208050638-M/florida-cops-no-title-could-explain-this-case.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e648b2f4beaaa6533dd4fff5bd87b3888af517b914aae5b8cd17e2518f3cfe60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0j3oEYgAAAABllERKSuNlTaWsgm5pQ/btQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316628-20220208050638-M/florida-cops-no-title-could-explain-this-case.jpeg
x-azure-ref: 0bxwFYgAAAABiPQaqZsBLSa85qEbkF+/WRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47024
scheme: https

GET
H2 200 gawker-obtains-kyrsten-sinemas-divorce-papers-social-security-number.jpeg
img2-azrcdn.newser.com/square-image/316635-20220208043806-M/ 44 KB
44 KB 482ms
473ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316635-20220208043806-M/gawker-obtains-kyrsten-sinemas-divorce-papers-social-security-number.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 17b642455daa38d205e7531e28e4bb9b9d58ef5a10d314182238cbbd88f1e3ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0dg8FYgAAAADds5Afven3RKAIqP9MGLihQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316635-20220208043806-M/gawker-obtains-kyrsten-sinemas-divorce-papers-social-security-number.jpeg
x-azure-ref: 0bxwFYgAAAABRwMEJQBbbQb42ehld4/myRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44889
scheme: https

GET
H2 200 amid-blaccent-criticism-awkwafina-quits-twitter.jpeg
img2-azrcdn.newser.com/square-image/316639-20220208054905-M/ 43 KB
44 KB 486ms
477ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316639-20220208054905-M/amid-blaccent-criticism-awkwafina-quits-twitter.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c95cd9d436e7cf0e70d691d81a7dad1f19a2ae82c493f7f104b8126508596a89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0MAkFYgAAAAAdypu7tcGKR4ch3kJWhOdIQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316639-20220208054905-M/amid-blaccent-criticism-awkwafina-quits-twitter.jpeg
x-azure-ref: 0bxwFYgAAAAA0ViE2njI4SbikoiFuZ6HzRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44357
scheme: https

GET
H2 200 alabama-supreme-court-ruling-is-good-news-for-gop.jpeg
img1-azrcdn.newser.com/square-image/316636-20220208061304-M/ 54 KB
54 KB 654ms
645ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316636-20220208061304-M/alabama-supreme-court-ruling-is-good-news-for-gop.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bd600ed5853d0bf793be53ad0c5267c88da6851238dd8975474e818aa09546d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0L9cEYgAAAACEEMVDlygzRJqxBzpcVusFQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316636-20220208061304-M/alabama-supreme-court-ruling-is-good-news-for-gop.jpeg
x-azure-ref: 0bxwFYgAAAABmjce2cpHWTqQARB0rz9rPRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55089
scheme: https

GET
H2 200 top-biden-science-adviser-sorry-for-my-conduct.jpeg
img2-azrcdn.newser.com/square-image/316531-20220208003159-M/ 44 KB
44 KB 501ms
492ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316531-20220208003159-M/top-biden-science-adviser-sorry-for-my-conduct.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1846ca8d37dd7aac3fc217e579d1922142aa9e3ee189d321f0f764cd9252a4b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0UMMEYgAAAACEIx6Uh6dsQJbnFBM0968+QU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316531-20220208003159-M/top-biden-science-adviser-sorry-for-my-conduct.jpeg
x-azure-ref: 0bxwFYgAAAACMBDm+gM2oSJftNVJIj1o+RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45080
scheme: https

GET
H2 200 irs-drops-facial-recognition-plan.jpeg
img2-azrcdn.newser.com/square-image/316631-20220207195900-M/ 42 KB
43 KB 503ms
495ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316631-20220207195900-M/irs-drops-facial-recognition-plan.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4e42171e76b77a3c197a7341199635ebb402ca532da70c70d3b0fbc3a99fe6a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0mvIEYgAAAABytmqo/DobSI28uNZ9/47mQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316631-20220207195900-M/irs-drops-facial-recognition-plan.jpeg
x-azure-ref: 0bxwFYgAAAACUXjJmWA2JSLFvr0ljQpi/RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43392
scheme: https

GET
H2 200 peter-thiel-to-leave-facebook-for-politics.jpeg
img1-azrcdn.newser.com/square-image/316634-20220207195015-M/ 35 KB
35 KB 115ms
109ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316634-20220207195015-M/peter-thiel-to-leave-facebook-for-politics.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f7757ecd11b43d67f4285261688b539b331b0a94f4352776db0983fdb09c5ee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0HhsFYgAAAADamd1QueGzRJvtspZ3KEHbQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316634-20220207195015-M/peter-thiel-to-leave-facebook-for-politics.jpeg
x-azure-ref: 0bxwFYgAAAADIpQlFXFS7QpMuotHQtrwQRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 35726
scheme: https

GET
H2 200 justice-dept-is-evaluating-safe-injection-sites.jpeg
img1-azrcdn.newser.com/square-image/316632-20220207190530-M/ 48 KB
49 KB 110ms
104ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316632-20220207190530-M/justice-dept-is-evaluating-safe-injection-sites.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ed8d47f657eb5585214a083e742d89d7b876a3f4ca6428cd539beaaaf870ce11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0+MQEYgAAAACKjcUgOdHRRIo+FlWELaVLQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316632-20220207190530-M/justice-dept-is-evaluating-safe-injection-sites.jpeg
x-azure-ref: 0bxwFYgAAAAB0lYRL7wA5Tr99FxNXLaOORlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 49340
scheme: https

GET
H2 200 desantis-stays-out-of-trump-pence-battle.jpeg
img2-azrcdn.newser.com/square-image/316633-20220207184000-M/ 42 KB
42 KB 512ms
505ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316633-20220207184000-M/desantis-stays-out-of-trump-pence-battle.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 607a2fa0cd9f2f544f9ef9984dade24ca7932cd4774a3d9a20475ee55f4038e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0j3oEYgAAAAAlapRzdCKyQph24DnZzOG2QU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316633-20220207184000-M/desantis-stays-out-of-trump-pence-battle.jpeg
x-azure-ref: 0bxwFYgAAAACUycZt00r1R7a2CZVdR3sYRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 42705
scheme: https

GET
H2 200 biden-threatens-russia-on-pipeline.jpeg
img1-azrcdn.newser.com/square-image/316630-20220207175800-M/ 44 KB
45 KB 656ms
650ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316630-20220207175800-M/biden-threatens-russia-on-pipeline.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1f85847121f1ce57df31bb67a0c839db231e07a65e03d10f05e94fb8f7aad3a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0KecEYgAAAABjyuA4vUsJT5JEqb0RmzErQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316630-20220207175800-M/biden-threatens-russia-on-pipeline.jpeg
x-azure-ref: 0bxwFYgAAAABt9X7K3PEjTpy2agsfemOlRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45317
scheme: https

GET
H2 200 north-koreas-cyberthefts-fund-missile-program-un-report.jpeg
img2-azrcdn.newser.com/square-image/316577-20220207173814-M/ 43 KB
43 KB 514ms
508ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316577-20220207173814-M/north-koreas-cyberthefts-fund-missile-program-un-report.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cf622e740fc0675d3a5ad8d815b6683c9275ef07cd1204e106d295e0250ca496

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0MAkFYgAAAAA+44zobaUiRakbSBN2NQ8UQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316577-20220207173814-M/north-koreas-cyberthefts-fund-missile-program-un-report.jpeg
x-azure-ref: 0bxwFYgAAAAB38EyYSESjT6dVyAFz6qC/RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43533
scheme: https

GET
H2 200 joe-rogan-offered-100m-to-quit-spotify.jpeg
img2-azrcdn.newser.com/square-image/316627-20220207164945-M/ 39 KB
40 KB 515ms
509ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316627-20220207164945-M/joe-rogan-offered-100m-to-quit-spotify.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2afbf9615c6874ba1d3595241e1f73e4a76e7665b5b09aeddfc31ec01e4ebbd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0HhsFYgAAAABJEABQwXv+RLcy+FqVXVZHQU1TMDRFREdFMTkwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316627-20220207164945-M/joe-rogan-offered-100m-to-quit-spotify.jpeg
x-azure-ref: 0bxwFYgAAAAAYV6KLtRzSQrn+xU3mflAwRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40387
scheme: https

GET
H2 200 asked-if-hell-survive-johnson-channels-gloria-gaynor.jpeg
img1-azrcdn.newser.com/square-image/316624-20220207194302-M/ 45 KB
46 KB 659ms
653ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316624-20220207194302-M/asked-if-hell-survive-johnson-channels-gloria-gaynor.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1c410ec6e79ed2c707ff01022888f427ff0480d03c66fbd11bc5ced5f28c36e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 05tUEYgAAAACW2uqOkB9rRqZn/h1BRGG7QU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316624-20220207194302-M/asked-if-hell-survive-johnson-channels-gloria-gaynor.jpeg
x-azure-ref: 0bxwFYgAAAABXDSzHTVn9SIAF0z/ZktoWRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 46531
scheme: https

GET
H2 200 tyson-foods-jumps-122-after-strong-results.jpeg
img2-azrcdn.newser.com/square-image/316629-20220207161530-M/ 53 KB
53 KB 516ms
510ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316629-20220207161530-M/tyson-foods-jumps-122-after-strong-results.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8ffa89579cea903c174de2a97fd2465b39ea3c8658c2b71cf47d01442b585f1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0HhsFYgAAAADwmctQGZYWRLIW1VAg2otQQU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316629-20220207161530-M/tyson-foods-jumps-122-after-strong-results.jpeg
x-azure-ref: 0bxwFYgAAAAAKSdgowlS0QJEj/IpcMmn/RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 54124
scheme: https

GET
H2 200 cuomo-isnt-ruling-out-another-run-for-office.jpeg
img1-azrcdn.newser.com/square-image/316622-20220207153030-M/ 29 KB
29 KB 673ms
668ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316622-20220207153030-M/cuomo-isnt-ruling-out-another-run-for-office.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 34fb7558484649970c8f43cadf0e8ff3c7ec1710c705bd4ee2af9be7b8a9d059

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 05tUEYgAAAACfNL0VTquiTbqMD64z+VGTQU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316622-20220207153030-M/cuomo-isnt-ruling-out-another-run-for-office.jpeg
x-azure-ref: 0bxwFYgAAAAAKjDXPIbsyQbh4pWATT+QKRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 29286
scheme: https

GET
H2 200 implant-results-in-dramatic-first-for-paralyzed-man.jpeg
img2-azrcdn.newser.com/square-image/316623-20220207145030-M/ 49 KB
49 KB 553ms
548ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316623-20220207145030-M/implant-results-in-dramatic-first-for-paralyzed-man.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 05861820d5bb5ccf74b74c3292421fbb39dbedbcf048ffb1ce1fb3e3514ed853

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0KecEYgAAAACeBoRRXx/ZR4gqFHrhV0b0QU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316623-20220207145030-M/implant-results-in-dramatic-first-for-paralyzed-man.jpeg
x-azure-ref: 0bxwFYgAAAAAWeno2hoEKT4kNgQ3uPt2mRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50161
scheme: https

GET
H2 200 germany-is-returning-remains-of-dozens-of-native-hawaiians.jpeg
img1-azrcdn.newser.com/square-image/316626-20220207143015-M/ 51 KB
52 KB 674ms
669ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316626-20220207143015-M/germany-is-returning-remains-of-dozens-of-native-hawaiians.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 43aec706c5373a214bad13f63e6e4d0346cb44e1a9e69ab1926ea0e466c75869

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 0KecEYgAAAADXRiXXywEcRa+OnyHVytgmQU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316626-20220207143015-M/germany-is-returning-remains-of-dozens-of-native-hawaiians.jpeg
x-azure-ref: 0bxwFYgAAAABfZdPfOOIJSa8TSxZsowafRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 52423
scheme: https

GET
H2 200 peloton-shares-surge-amid-buyout-rumors.jpeg
img1-azrcdn.newser.com/square-image/316620-20220207141045-M/ 39 KB
39 KB 135ms
130ms Image
image/jpeg 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316620-20220207141045-M/peloton-shares-surge-amid-buyout-rumors.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 282e5129aa662303af722b9cbb666f030c8999af37995f02c2d04dbd69f75647

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
x-azure-ref-originshield: 05tUEYgAAAAAg7gHkk01UTr6YzB4RDVdeQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316620-20220207141045-M/peloton-shares-surge-amid-buyout-rumors.jpeg
x-azure-ref: 0bxwFYgAAAADLayTnj3E8RIn1X3S+5uVURlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39972
scheme: https

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 233ms
113ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newser.com
URL: https://newser.com/ED41_Jt/dSkYOXb/RhjLGBJnEp/kbhhrvCB.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af77a5d8807becf834681ebcd01206b1b9cbd208f101efb6fca81036e2aad964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53985
x-xss-protection: 0
server: cafe
etag: 1460943128417363961
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 14:08:47 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
600 B 265ms
89ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: newser.com
URL: https://newser.com/ED41_Jt/dSkYOXb/RhjLGBJnEp/kbhhrvCB.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15501
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9
last-modified: Thu, 10 Feb 2022 09:50:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGJrW8G7jD4xLu%2BSdlsaLjOoujx3q4FxnTswEeRoku2MZrLgad7PJwCcI1VlsRAigCzy1EqatOAgtTQeZohdmBv9E9hUiv9%2BcYezai3FifF%2Ff%2FK32TX%2BIISuoxlsFT0LL5%2FP1O80UFDv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6db5e95addcc5c44-FRA

GET
H2 200 adcode.png
rddywd.com/ 43 B
621 B 591ms
35ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newser.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78835
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHOffudAEDnqzaJvfemNLDsJx0Zs7FYmvhIAhz4y04tm4EpsxYGK8Bwm8B4uoB9TdXx3WV9ja16Q38JGgetnT4rhm8FccXLivETdjGR5GHjEnkQM8ZaMbGNsPT%2FIWs5YJAwXNE6ZGgak"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6db5e95d0c2692b4-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 550ms
380ms Image
text/plain 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/newser/ 1005 B
556 B 255ms
254ms Script
application/javascript 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/newser/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-111.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
content-encoding: gzip
etag: -1912583789--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=58, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 379

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 218ms
215ms Script
application/javascript 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62051c6f32604604&bkl=0&bl=1&pdt=1462&sid=62051c6f32604604&pub=newser&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.newser.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1644502127656&jsl=143521&uvs=62051c6fa6742429000&skipb=1&callback=addthis.cbs.jsonp__62635746017312190
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-111.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4294b6529a932126f0842e940aebf8b66922fcd529df583cb1fa548370b35e40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:47 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 9DD8 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 9DA9 71 KB
26 KB 99ms
98ms Document
text/html 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 10 Feb 2022 14:08:47 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK widget_iframe.4e067713e19d4fff483536ddc4df18b9.html Show response
platform.twitter.com/widgets/ Frame 516E 319 KB
104 KB 75ms
74ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.newser.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 154806
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Feb 2022 14:08:47 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Tue, 01 Feb 2022 20:00:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6712)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1002041595&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*B*direct*direct*P)11(1*3!2*1*...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=151998209.1644502128&jid=745001356&_v=5.7.2&z=1002041595

35 B
430 B

156ms
53ms

Image
image/gif

2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=151998209.1644502128&jid=745001356&_v=5.7.2&z=1002041595

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 10 Feb 2022 14:08:47 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:47 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=151998209.1644502128&jid=745001356&_v=5.7.2&z=1002041595
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
110 B 90ms
90ms Image
image/gif 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=2000847424&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*B*direct*direct*P)11(1*3!2*1*1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&utmhid=1784752289&utmr=-&utmp=%2F&utmht=1644502127735&utmac=UA-1055596-9&utmcc=__utma%3D116631449.151998209.1644502128.1644502128.1644502128.1%3B%2B__utmz%3D116631449.1644502128.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1819944438&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 videoCard.1451368a7b5e945a3252.js Show response
cdn.intergient.com/pageos/1.6.34/ 551 B
998 B 42ms
42ms Script
application/javascript 2600:9000:2250:9600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.34/videoCard.1451368a7b5e945a3252.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 14:47:37 GMT
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
last-modified: Mon, 31 Jan 2022 13:48:56 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643636929/ctime:1643636929/gid:20/gname:staff/md5:bfb44d87e9e552efe6f335d770ab135a/mode:33188/mtime:1643636929/uid:501/uname:thomascreamer
age: 84071
etag: "bfb44d87e9e552efe6f335d770ab135a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 551
x-amz-cf-id: 32zLN0gE8n1ElK62w7XcD9aBGb18r97V_0zGW4S-3gwAWiC6NWyB_A==

GET
H2 200 batchHandler.cf8da702ed619bc8d371.js Show response
cdn.intergient.com/pageos/1.6.34/ 3 KB
2 KB 42ms
42ms Script
application/javascript 2600:9000:2250:9600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.34/batchHandler.cf8da702ed619bc8d371.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ff8684ee0e3acfe08494f09ab05494bc7cc842af6834e3877eb160a949f0c7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:35:15 GMT
content-encoding: br
last-modified: Mon, 31 Jan 2022 13:48:52 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643636929/ctime:1643636929/gid:20/gname:staff/md5:edd43592b91921f505b47b87a549edb8/mode:33188/mtime:1643636929/uid:501/uname:thomascreamer
age: 45786
etag: W/"edd43592b91921f505b47b87a549edb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: ghBFbhaBa1zvm50ehrpUJ97AAuRnmFBeOsnz7ElCfHNzEeT07sw2rg==

GET
H2 200 banner.json Show response
config.playwire.com/1024100/v2/websites/72343/ 580 KB
9 KB 203ms
52ms XHR
application/json 2600:9000:223c:3600:1a:1459:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.playwire.com/1024100/v2/websites/72343/banner.json
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3600:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 912c556529d3560251b6a0a40ada424f1520edfd206838090667b02bbed3d19f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:50:01 GMT
via: 1.1 vegur, 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
vary: Accept-Encoding
age: 44326
x-cache: Hit from cloudfront
content-encoding: br
server: Cowboy
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: hw-country-code
cache-control: public, max-age=600
hw-country-code: DE
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: s-POo1nbET7KAzRKQRyXjs0SAWZw1auCnsFnDiUGaq6MmjOgpyjAhA==

GET
H2 200 moatheader.js Show response
z.moatads.com/playwireprebidheader597261727146/ 215 KB
75 KB 44ms
44ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d9f2af4bf1a7d93ab352bab7209c5020e3568c3ccd5eefbe0254bd5c3ae0ac9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:47 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 16:34:16 GMT
server: AmazonS3
x-amz-request-id: 0B9FTETDCR9HCZ51
etag: "caa85a6be7f361410bb7446d960b7b0b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=17913
accept-ranges: bytes
content-length: 76830
x-amz-id-2: dpD7ceh0uvN5UBNBgQhiywtvgapTAu5CIxBJyhIqHdPeVHaBl83x1OXyHr7e/A0wiyRqpJt3nXQ=

GET
H2 200 rules-p-8dMeaPxgtnRKk.js Show response
rules.quantcount.com/ 3 B
439 B 125ms
44ms Script
application/javascript 2600:9000:223c:ce00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8dMeaPxgtnRKk.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ce00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:48:51 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age: 22797
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:13:40 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: yVNr3uxXF9rWwD7lzkVS8dajk0umJQs8wTazYIyFgC2l08XKBHzxiw==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 95ms
45ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e64892f3c662bd9e48f961750dfbc19e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2a246b04737db2c995c2182a97b667ca0ebc2792f7dcb1d6833696db75b059a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newser.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gukRpdLsYRm71d6DC/U63A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 10 Feb 2023 12:03:27 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82098
x-fb-rlafr: 0
x-fb-debug: b/BnGDEUz2Q6IMIoTYX1rNa3A61hy+vRPBbdnww/urLh/Bmi/beX+eZEZn/Nc/+hbB3JIRDQh/0W/gOR+Eha7w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6c400a90862b277156e48d56d50b14e0
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 14:08:47 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2382e3c53af0092bf64a4f20e7581564"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1644502127877&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1644502127877&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2...

0
223 B

39ms
36ms

Image
text/plain

108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1644502127877&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Server: 108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-80.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:48 GMT
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: AcsmGYYXe5djwout3v4equuQjvKUSsWH9sbxfkyt3UgnLt1Qn-B08w==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 10 Feb 2022 14:08:47 GMT
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1644502127877&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
content-length: 241
x-amz-cf-id: gv7pqF6v_wHPzAOHSrFJOlu-JU3rm-YBbwy17oA34iHt_iGwb27tJg==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 435ms
124ms Image
image/gif 54.175.247.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newser.com&p=%2F&u=LO11sDtktR6BD30by&d=newser.com&g=19359&g0=Home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2773&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2624&t=FxJTJDcIyNuDI3xAVCTdFUBuiZ0x&V=129&i=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&tz=0&sn=1&sv=CaRPAlD87XraCLvGiZBkcsYneo9Ol&sd=1&im=062b073f&_
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.247.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-247-53.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:48 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 Tag.engine Show response
engine.4dsply.com/ 2 KB
2 KB 437ms
376ms Script
application/json 2606:4700::6810:9f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.4dsply.com/Tag.engine?time=0&id=7f1a7287-2f7e-4f83-800d-06bd711ee14e&rand=41503&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.newser.com%2F&kw=
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 78e0379b30707129cdeb8eddaab464d6a24d46bfaac119b7584d500ed981d01f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
cf-ray: 6db5e95c8f8091fc-FRA
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK utility.aspx Show response
www.newser.com/ 0
482 B 129ms
127ms XHR
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/utility.aspx?function=metricsab&b=false&platform=D&visitorid=1561185119&visitorclassification=P
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220201_1200/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.newser.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 14:08:47 GMT
RawURL: /utility.aspx?function=metricsab&b=false&platform=D&visitorid=1561185119&visitorclassification=P
Content-Type: text/html
Cache-Control: private, no-store
Scheme: https
Content-Length: 0
Expires: Thu, 10 Feb 2022 14:07:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/ Frame D7E2 10 KB
5 KB 108ms
21ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Wed, 09 Feb 2022 21:54:54 GMT
expires: Wed, 23 Feb 2022 21:54:54 GMT
cache-control: public, max-age=1209600
age: 58434
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aws-sdk-kinesis.min.js Show response
cdn.intergient.com/pageos/js/libs/ 227 KB
67 KB 42ms
30ms Script
text/javascript 2600:9000:2250:9600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.34/batchHandler.cf8da702ed619bc8d371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 14:31:41 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 13:03:16 GMT
server: AmazonS3
age: 85028
etag: W/"dd4723e36a9cd5d1d04946ad79b9dfe6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: ZkZCKs6CUwsVQcQcXRfdZUNQpWboOzTDGmaS_OgIdluYt3XhIHc4dA==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 432 B
607 B 238ms
82ms Script
text/html 52.48.241.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-lVSP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-2Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.newser.com%2F&pcode=playwireprebidheader597261727146&rx=712567330748&callback=MoatNadoAllJsonpRequest_3696621
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.241.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-241-99.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 3c6c6fb5ffcb10c3fd6f71f33c0f2cc36e52fbae6edd291a8e83f96deb746206

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:48 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "b01cf189de91701e9c2c506f4ca8fcfcdfbf5cda"
content-length: 432
content-type: text/html; charset=UTF-8

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 36ms
35ms Script
application/javascript 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 10 Feb 2022 14:08:48 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77619

GET
H2 200 pixel;r=1333801843;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-150734026-1644502128559;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=newser.co...
pixel.quantserve.com/ 35 B
371 B 129ms
55ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1333801843;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-150734026-1644502128559;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=newser.com;je=0;sr=1600x1200x24;dst=0;et=1644502128555;tzo=0;ogl=

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 516E 232 B
447 B 797ms
171ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e5a997734ca85040449a99af7c4db6c0cba99257

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.newser.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 105
date: Thu, 10 Feb 2022 14:08:49 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 14:08:49 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5d55297e038300606ef7359db01245258c3acabf21cc75ed06081232ab9e95b8
content-length: 166

GET
H2 200 vendors~gdpr.f92225b828d740c7c57f.js Show response
cdn.intergient.com/pageos/1.6.34/ 65 KB
16 KB 22ms
22ms Script
application/javascript 2600:9000:2250:9600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.34/vendors~gdpr.f92225b828d740c7c57f.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:35:15 GMT
content-encoding: br
last-modified: Mon, 31 Jan 2022 13:48:56 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643636929/ctime:1643636929/gid:20/gname:staff/md5:9b5e3fdd31d877679a5666fe44299ea9/mode:33188/mtime:1643636929/uid:501/uname:thomascreamer
age: 45676
etag: W/"9b5e3fdd31d877679a5666fe44299ea9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: Lov8TokM9vBigVOuXZuFth9zl5HLw52_cBewcM-qA07e-xULIkcicg==

GET
H2 200 gdpr.2215b54d4ccc637fdba9.js Show response
cdn.intergient.com/pageos/1.6.34/ 9 KB
3 KB 25ms
24ms Script
application/javascript 2600:9000:2250:9600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.34/gdpr.2215b54d4ccc637fdba9.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 652f45a243a2b7d05e9fa40535b55626458b737aa964a3e631e758a0e3effc3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:27:39 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 13:48:55 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643636929/ctime:1643636929/gid:20/gname:staff/md5:6b1a6944c41ba69c44aea79306e73cfe/mode:33188/mtime:1643636929/uid:501/uname:thomascreamer
age: 38475
etag: W/"6b1a6944c41ba69c44aea79306e73cfe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 01XR5y5ma8x8MwbeTV-27TucStuSeyf7EICzzPGkn7u9vDTrwVANOA==

GET
H2 200 iframe.html Show response
cdn.intergient.com/pageos/1.6.34/iframe/ Frame 82CE 542 B
981 B 63ms
63ms Document
text/html 2600:9000:2250:9600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.34/iframe/iframe.html
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 991fe74259223f99727fd1e7b1b4e9ed4cd555c48853cc730a5ec36899b78e81

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

content-type: text/html
content-length: 542
last-modified: Mon, 31 Jan 2022 13:48:55 GMT
x-amz-meta-s3cmd-attrs: atime:1643636927/ctime:1643636927/gid:20/gname:staff/md5:17ff8ae7ac94bb08df8e1a3d698599b1/mode:33188/mtime:1643636927/uid:501/uname:thomascreamer
accept-ranges: bytes
server: AmazonS3
date: Thu, 10 Feb 2022 08:41:32 GMT
etag: "17ff8ae7ac94bb08df8e1a3d698599b1"
x-cache: Hit from cloudfront
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: SXHt40N7nOreB2EW-_d3_Yj_YA0D2Qs9ofTZ0X1S45SxKK7rFdNZZg==
age: 19638

GET
H2 200 stickyVideo.cb12701cdcec7f559c8b.js Show response
cdn.intergient.com/pageos/1.6.34/ 10 KB
4 KB 66ms
65ms Script
application/javascript 2600:9000:2250:9600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.34/stickyVideo.cb12701cdcec7f559c8b.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13aff0812c49276fdb1ef2b2292b396ce5e3325a7c13e9582212577d2f0ce975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 23:29:34 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 13:48:56 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643636929/ctime:1643636929/gid:20/gname:staff/md5:ec2da3bd6d30c123d732f4b65cb1f2df/mode:33188/mtime:1643636929/uid:501/uname:thomascreamer
age: 52756
etag: W/"ec2da3bd6d30c123d732f4b65cb1f2df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: cEzKReoxw4_VrYCtFW3hcIrvz5ZNg7cyqD6lckIFikY1N29q3234eQ==

GET
H2 200 tyche.js Show response
cdn.intergi.com/hera/releases/4.4.30/ 1 KB
964 B 66ms
66ms Script
application/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.30/tyche.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b048b22e5cb93a6809a1da3c04d74b9544f70a730881d6c47ec42b74044aa7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 05:36:25 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 21:47:23 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643752038/ctime:1643752038/gid:20/gname:staff/md5:e5aca8c081f539bc64fca2072c275a3f/mode:33188/mtime:1643752038/uid:501/uname:thomascreamer
age: 30745
etag: W/"e5aca8c081f539bc64fca2072c275a3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: PRCy9n6_RFuio7z9kYlaYf0I7C8i2l07
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
content-type: application/javascript
x-amz-cf-id: VkwGG7PDZ-O38r4P6tUDzLBN-N2GZmZHnFn0xgTzq94FfJkidvDkfg==

GET
H2 200 runtime.4fb5cfd0b1c90a4a297f.js Show response
cdn.intergi.com/hera/releases/4.4.30/ 2 KB
2 KB 71ms
55ms Script
application/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.30/runtime.4fb5cfd0b1c90a4a297f.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52fbc8c7a9fff04f94f110116156894fa4ebcce60430c036c9181e5e7563a963

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: em87amp.TAG4CuI.e085CYSypPgwZBa_
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 21:47:23 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643752038/ctime:1643752038/gid:20/gname:staff/md5:1d09a2af23deda5587d112c4a96a650d/mode:33188/mtime:1643752038/uid:501/uname:thomascreamer
age: 86019
etag: W/"1d09a2af23deda5587d112c4a96a650d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
date: Wed, 09 Feb 2022 14:15:11 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: X5-cQpKqHogfjEI3ouQ7XluxbcgW7-Sd5Cd-a3Ug8AinC8mTOPcDBQ==

GET
H2 200 npm.core-js.ffb4b0a70697fbafb4fe.js Show response
cdn.intergi.com/hera/releases/4.4.30/vendor/ 24 KB
9 KB 68ms
62ms Script
application/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.30/vendor/npm.core-js.ffb4b0a70697fbafb4fe.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: WofOjs7NZjF1WvfwdUGRdFuDEcpfDUR3
content-encoding: br
last-modified: Tue, 01 Feb 2022 21:47:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643752038/ctime:1643752038/gid:20/gname:staff/md5:804f5a4d76247f98873a77739d825de0/mode:33188/mtime:1643752038/uid:501/uname:thomascreamer
age: 24274
etag: W/"804f5a4d76247f98873a77739d825de0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
date: Thu, 10 Feb 2022 07:24:16 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: -0Cy8-AbDxqjmBPjemf9Ibaq3qx4doafmsXrTITfTJmIRiUnM9EU_Q==

GET
H2 200 npm.babel.e42d14b31536f4c718ea.js Show response
cdn.intergi.com/hera/releases/4.4.30/vendor/ 2 KB
1 KB 69ms
62ms Script
application/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.30/vendor/npm.babel.e42d14b31536f4c718ea.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 5Zs3JRGUgmRDjuNkXucnxON0kmtk9nYj
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 21:47:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643752038/ctime:1643752038/gid:20/gname:staff/md5:f3bb19c23da5015c288c890ccb181355/mode:33188/mtime:1643752038/uid:501/uname:thomascreamer
age: 86020
etag: W/"f3bb19c23da5015c288c890ccb181355"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
date: Wed, 09 Feb 2022 14:15:10 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: W60wbaJ-WDI_uh6Lpgym9zsTyQZG79q-nXozhpm1ojVxQ8_Ao0Ralw==

GET
H2 200 npm.lodash.922cd3f43a34caef1c38.js Show response
cdn.intergi.com/hera/releases/4.4.30/vendor/ 3 KB
2 KB 69ms
63ms Script
application/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.30/vendor/npm.lodash.922cd3f43a34caef1c38.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 05:20:49 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 21:47:27 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643752038/ctime:1643752038/gid:20/gname:staff/md5:0c61d46da45d9ab039a485d6e9e04701/mode:33188/mtime:1643752038/uid:501/uname:thomascreamer
age: 31681
etag: W/"0c61d46da45d9ab039a485d6e9e04701"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: QKSucnKk_4fTfEXZ2kEv1_9it29M1Dat
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
content-type: application/javascript
x-amz-cf-id: PBCcr68DYcDI-ZuDto3Sv6_xxWve_hUiG7Lpp1Lvwc86Gr9XqHmfvg==

GET
H2 200 npm.intersection-observer.8aa2efdfa26796cda0fc.js Show response
cdn.intergi.com/hera/releases/4.4.30/vendor/ 9 KB
3 KB 70ms
64ms Script
application/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.30/vendor/npm.intersection-observer.8aa2efdfa26796cda0fc.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: Fs2d32hZeiVresZ3jZDu1rm1A6aWTGOt
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 21:47:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643752038/ctime:1643752038/gid:20/gname:staff/md5:2be2cdb69171257c85e47d90ae2f6b2f/mode:33188/mtime:1643752038/uid:501/uname:thomascreamer
age: 86019
etag: W/"2be2cdb69171257c85e47d90ae2f6b2f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
date: Wed, 09 Feb 2022 14:15:10 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: eqbYgD1BbH4Uiy2ujEFt3OHzrIIURjZYB8axBuS8UO46ThEBTRB0bw==

GET
H2 200 npm.process.940d3a7ac2b6ed08f335.js Show response
cdn.intergi.com/hera/releases/4.4.30/vendor/ 2 KB
1 KB 70ms
64ms Script
application/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.30/vendor/npm.process.940d3a7ac2b6ed08f335.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: zQYRWwjTz42gbWz0YQF5gCH.QabAlsJG
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 21:47:27 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643752038/ctime:1643752038/gid:20/gname:staff/md5:c3f55d7eac6bd8289f3c5184e9fd1118/mode:33188/mtime:1643752038/uid:501/uname:thomascreamer
age: 34314
etag: W/"c3f55d7eac6bd8289f3c5184e9fd1118"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
date: Thu, 10 Feb 2022 10:34:27 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: YPSFx9wcFThB9J3cjT4CscW2PaZ58fYG07TFXZRa8bRJFRU-Q4_VBw==

GET
H2 200 npm.webpack.1e0f2b4c3cee24713006.js Show response
cdn.intergi.com/hera/releases/4.4.30/vendor/ 231 B
720 B 68ms
64ms Script
application/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.30/vendor/npm.webpack.1e0f2b4c3cee24713006.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 422xg4rTGOjL1J3wYdsDqTJFnXhJQ4HE
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified: Tue, 01 Feb 2022 21:47:27 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643752038/ctime:1643752038/gid:20/gname:staff/md5:436272b3faaa8c97115625bc8504abbf/mode:33188/mtime:1643752038/uid:501/uname:thomascreamer
age: 43673
etag: "436272b3faaa8c97115625bc8504abbf"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 10 Feb 2022 02:00:57 GMT
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 231
x-amz-cf-id: 0tSNaHIyw7P_xDY5vNh1q3n85HWjJ9Ka-ShNXuABq4h2hVHZPF6Mmg==

GET
H2 200 lib-main.aa0becec495b9d9b6de4.js Show response
cdn.intergi.com/hera/releases/4.4.30/lib/ 4 KB
3 KB 68ms
65ms Script
application/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.30/lib/lib-main.aa0becec495b9d9b6de4.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: P5OQMZp4aMN.pyvAP.joxz2aoEsP9pp0
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 21:47:22 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643752038/ctime:1643752038/gid:20/gname:staff/md5:4f9983efbe731c3569545c1c49d9a965/mode:33188/mtime:1643752038/uid:501/uname:thomascreamer
age: 86019
etag: W/"4f9983efbe731c3569545c1c49d9a965"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
date: Wed, 09 Feb 2022 14:15:11 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: eXcpqvwX2eBVcNXuxvk_u1UMLicXaBy-q3lejGm0CjzFTUwvMwL8gQ==

GET
H2 200 main.fc80dfdc2fceb35c4500.js Show response
cdn.intergi.com/hera/releases/4.4.30/ 101 KB
30 KB 123ms
121ms Script
application/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.30/main.fc80dfdc2fceb35c4500.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20e4238f1c28be6ee9392bb30a94b3a38d3114828a8ad057821f63ed68fa2159

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: QfIkNfb1v6PduH8dTbNio_v7_dcdLLtU
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 21:47:23 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643752038/ctime:1643752038/gid:20/gname:staff/md5:abadd1aaa558a3fb88fd76321c918463/mode:33188/mtime:1643752038/uid:501/uname:thomascreamer
age: 86095
etag: W/"abadd1aaa558a3fb88fd76321c918463"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
date: Wed, 09 Feb 2022 14:15:10 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: KRFEwMS9fa3CAaWI6xSGuD9xP84xBb8EJ1kQgXafG8UtUoV4hps1Vw==

GET
H2 200 lib.55782284870bfbbd6c84.js Show response
cdn.intergi.com/hera/releases/4.4.30/lib/ 138 B
628 B 129ms
126ms Script
application/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.30/lib/lib.55782284870bfbbd6c84.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: EygA6gOb9W1aM6J3kVuGhWElstmqtj7F
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified: Tue, 01 Feb 2022 21:47:22 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643752038/ctime:1643752038/gid:20/gname:staff/md5:64d609d6dc753b7c1abf5d5d2b095aa1/mode:33188/mtime:1643752038/uid:501/uname:thomascreamer
age: 86013
etag: "64d609d6dc753b7c1abf5d5d2b095aa1"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 09 Feb 2022 14:15:17 GMT
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 138
x-amz-cf-id: I5Kb0RjaXPcHrzcI3hfPKsyczgcLKoHRpgeIpld-LOOm88G8FlADBg==

GET
H2 200 iframe.js Show response
cdn.intergient.com/pageos/1.6.34/iframe/ Frame 82CE 18 KB
7 KB 63ms
63ms Script
application/javascript 2600:9000:2250:9600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.34/iframe/iframe.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.34/iframe/iframe.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24859012124ced0182ce574c576dd12890fe364cbce6e7e5366d93b0d020160e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.intergient.com/pageos/1.6.34/iframe/iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 06:19:23 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 13:48:55 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643636928/ctime:1643636927/gid:20/gname:staff/md5:b67444bcf90d550e4e0fc90e6489d972/mode:33188/mtime:1643636927/uid:501/uname:thomascreamer
age: 28167
etag: W/"b67444bcf90d550e4e0fc90e6489d972"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: rVGPfyMmg36my7MB7ZXBFeLFjvLXCZXuWAg3AvXQR5Rm2nH3-KRY3g==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 178ms
63ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/main.fc80dfdc2fceb35c4500.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

6a851018217b9b82c42ee40fc19da2cebeef9e015fa16af92de592a757a2c930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27148
x-xss-protection: 0
server: sffe
etag: "1127 / 379 of 1000 / last-modified: 1644494755"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Feb 2022 14:08:49 GMT

GET
H2 200 prebid.js Show response
cdn.intergi.com/prebid/ 561 KB
167 KB 55ms
55ms Script
text/javascript 2600:9000:223d:a800:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/prebid/prebid.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a800:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eaabab8c24b72d06a81e683e79aa6cee9794568cfb0d11b701679e23c977cdf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: cIOW0Eaxx74QgsJthf9NKFHIi5noVGbW
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 14:14:22 GMT
server: AmazonS3
age: 67170
etag: W/"1987d4ec7b5b8901007f409f83e17693"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
date: Wed, 09 Feb 2022 19:29:20 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: Zi4iyxjFzIAaFqTbhPrer0n1CLEG6qJESpir3f-WAiwY2-vSJku3cw==

GET
H3 200 pubads_impl_2022020801.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
119 KB 65ms
32ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122244
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Feb 2023 18:35:06 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 93ms
24ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.30/main.fc80dfdc2fceb35c4500.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding: gzip
etag: 8d3665a9b316600491247ca6d78c204c
age: 414
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 04M4A0SBXJJ6QQ2BS7ED
date: Thu, 10 Feb 2022 14:01:56 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: souZXnhCVQsXSIHuVEZtdIveWf5aU5yAWY7efaIST3tSMQOYJXVQLg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 72ms
24ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 30376
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Thu, 10 Feb 2022 05:42:35 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: bk6BDBZuRf2piSIlIxMchz2_pin4pakUTqr4QmGhrwofEwS_6ppK3w==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 248 B
605 B 32ms
32ms XHR
application/json 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.newser.com&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 12:59:16 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server: Server
age: 4174
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newser.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
content-length: 248
x-amz-cf-id: UYaPWh21YbbbJo5_9jEDAysirREC-fXH6gU95kVmd0kRLWpGOUqobA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 79ms
79ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.newser.com%2F&pid=euijQcfpRTzvq&cb=0&ws=1600x1200&v=7.72.0&t=2500&slots=%5B%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%5D&schain=1.0%2C1!playwire.com%2C72343%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:50 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: WCYF90CK5N7086B1B2ER
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newser.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: nvXPQ9uY81G9eY9cNF60j_DduzNJqbA5cSJomyNXt0qVLZvzTiHi7A==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 99ms
30ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newser.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 14:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 112 KB
24 KB 501ms
500ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1280146948118411&correlator=4206162105267375&output=ldjh&eid=31064811&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&npa=1&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=154013155%3A1028224%2C1024100%2C72343%2C1024100-72343-desktop_leaderboard%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&prev_scp=pos%3Datf%26slot_id%3Dleaderboard_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3D174a36a3870c41a38e37c9c44818a27202130174%26amznbid%3D1%26amznp%3D1%26in_view%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D14%26day%3DThursday%26OS%3DWindows%252010%26browser%3DChrome%252098%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.30%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1644502130382&lmt=1644502130&dlt=1644502126695&idt=3378&frm=20&biw=1600&bih=1200&oid=2&adxs=561&adys=55&adks=2039480262&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=151998209.1644502128&ga_sid=1644502128&ga_hid=1784752289&ga_fc=true&fws=4&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

21aa45f9c2482606f03d1da70506b083088308868b93359e8dc764d31d4c9556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24572
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 314ms
313ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1280146948118411&correlator=3252459110270507&output=ldjh&eid=31064811&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&npa=1&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=154013155%3A1028224%2C1024100%2C72343%2C1024100-72343-desktop_leaderboard%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&prev_scp=pos%3Dbtf%26slot_id%3Dleaderboard_btf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3Df6301fb84dae41ae8c63a4bf374479df02130176%26amznbid%3D1%26amznp%3D1%26in_view%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D14%26day%3DThursday%26OS%3DWindows%252010%26browser%3DChrome%252098%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.30%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1644502130413&lmt=1644502130&dlt=1644502126695&idt=3378&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=684&adks=2039479053&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=151998209.1644502128&ga_sid=1644502128&ga_hid=1784752289&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a0b276ee08796d30bc32a3d1b73bd35730e6a42791937131592e28d186d999ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10385
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
30 KB 363ms
362ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1280146948118411&correlator=4116855400581058&output=ldjh&eid=31064811&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&npa=1&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=154013155%3A1028224%2C1024100%2C72343%2Cpublisher%3A1024100-website%3A72343-web_interstitial%2Cpublisher%3A1024100-website%3A72343-web_interstitial-CP%2Cpublisher%3A1024100-website%3A72343-web_interstitial-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=pos%3DFIXED%26slot_id%3Dweb_interstitial%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3Ddbbae1e1ca1c489c873b59fc9b15e42102130228&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D14%26day%3DThursday%26OS%3DWindows%252010%26browser%3DChrome%252098%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.30%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1644502130424&lmt=1644502130&dlt=1644502126695&idt=3378&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3239307466&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=151998209.1644502128&ga_sid=1644502128&ga_hid=1784752289&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcc99f34bda6777489d7444d9d33afac455ee75213c421cc5dad7fdb6a7c92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30828
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7496 6 KB
4 KB 176ms
33ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 10 Feb 2022 14:08:50 GMT
expires: Fri, 10 Feb 2023 14:08:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2022020801.js Show response
securepubads.g.doubleclick.net/gpt/ 35 KB
13 KB 26ms
26ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022020801.js?cb=31064811

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

6585ad79553feebae65872466c71015c90f93d523c48a4cf620c73548c65d8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13021
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Feb 2023 17:37:34 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 148ms
19ms Script
application/javascript 104.89.31.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-31-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:50 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Thu, 10 Feb 2022 14:23:50 GMT

GET
H2 200 p Show response
i.simpli.fi/ 750 B
1 KB 27ms
27ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

63fd621066b82120c129ad9b1bd9d83bf29b337781f4bef75d356e63c008ca3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 70ms
41ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02886fbfa96b36521df6d0c8e243d962fb9992f29d67247dd30756a9589d568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 14:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9882
x-xss-protection: 0

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=62D52269BFB54AB9B0069C1A0F3DB98F&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=62D52269BFB54AB9B0069C1A0F3DB98F&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

21ms
19ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=62D52269BFB54AB9B0069C1A0F3DB98F&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=62D52269BFB54AB9B0069C1A0F3DB98F&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
date: Thu, 10 Feb 2022 14:08:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=62D52269BFB54AB9B0069C1A0F3DB98F

43 B
183 B

343ms
108ms

Image
image/gif

2600:1f18:612b:4216:1314:397:4325:f0c1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=62D52269BFB54AB9B0069C1A0F3DB98F
Protocol: H2
Server: 2600:1f18:612b:4216:1314:397:4325:f0c1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:51 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=62D52269BFB54AB9B0069C1A0F3DB98F
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 09 Feb 2022 14:08:50 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=62D52269BFB54AB9B0069C1A0F3DB98F
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=62D52269BFB54AB9B0069C1A0F3DB98F

95 B
425 B

39ms
37ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=62D52269BFB54AB9B0069C1A0F3DB98F

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:51 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=62D52269BFB54AB9B0069C1A0F3DB98F
date: Thu, 10 Feb 2022 14:08:50 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=62D52269BFB54AB9B0069C1A0F3DB98F
https://d.agkn.com/pixel/10751/?che=1644502130&ip=84.19.175.183&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164980904058000287221
https://um.simpli.fi/aa_px?sk=164980904058000287221

43 B
361 B

65ms
50ms

Image
image/gif

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164980904058000287221

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 14:08:51 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164980904058000287221
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=62D52269BFB54AB9B0069C1A0F3DB98F

0
0

118ms
38ms

Image
text/html

52.222.214.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=62D52269BFB54AB9B0069C1A0F3DB98F
Protocol: H2
Server: 52.222.214.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-69.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=62D52269BFB54AB9B0069C1A0F3DB98F
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 09 Feb 2022 14:08:50 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 209ms
38ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 09 Feb 2022 14:08:50 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 37ms
31ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 09 Feb 2022 14:08:50 GMT

GET
H2

451

400646.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=62D52269BFB54AB9B0069C1A0F3DB98F;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=62D52269BFB54AB9B0069C1A0F3DB98F;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=-6666176098133785828

0
42 B

69ms
54ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=-6666176098133785828
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:51 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:50 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://idsync.rlcdn.com/400646.gif?partner_uid=-6666176098133785828
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=62D52269BFB54AB9B0069C1A0F3DB98F&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=62D52269BFB54AB9B0069C1A0F3DB98F&j=0&xl8blockcheck=1

0
755 B

56ms
55ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=62D52269BFB54AB9B0069C1A0F3DB98F&j=0&xl8blockcheck=1
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 10 Feb 2022 14:08:50 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=62D52269BFB54AB9B0069C1A0F3DB98F&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 38ms
32ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 09 Feb 2022 14:08:50 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=62D52269BFB54AB9B0069C1A0F3DB98F

0
421 B

427ms
103ms

Image
text/plain

54.243.106.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=62D52269BFB54AB9B0069C1A0F3DB98F
Protocol: HTTP/1.1
Server: 54.243.106.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-106-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 10 Feb 2022 14:08:50 GMT

Redirect headers

date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=62D52269BFB54AB9B0069C1A0F3DB98F
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 09 Feb 2022 14:08:50 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=62D52269BFB54AB9B0069C1A0F3DB98F

62 B
603 B

225ms
156ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=62D52269BFB54AB9B0069C1A0F3DB98F
Protocol: HTTP/1.1
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 14:08:51 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=62D52269BFB54AB9B0069C1A0F3DB98F
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 09 Feb 2022 14:08:50 GMT

GET
H2

200

tpid=62D52269BFB54AB9B0069C1A0F3DB98F
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=62D52269BFB54AB9B0069C1A0F3DB98F
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=62D52269BFB54AB9B0069C1A0F3DB98F

49 B
738 B

55ms
55ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=62D52269BFB54AB9B0069C1A0F3DB98F
Protocol: H2
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:51 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.244
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:51 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=62D52269BFB54AB9B0069C1A0F3DB98F
cache-control: no-cache
x-server: 10.45.10.22
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=62D52269BFB54AB9B0069C1A0F3DB98F

0
348 B

119ms
28ms

Image
text/plain

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=62D52269BFB54AB9B0069C1A0F3DB98F
Protocol: HTTP/1.1
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 14:08:51 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=62D52269BFB54AB9B0069C1A0F3DB98F
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 09 Feb 2022 14:08:50 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=62D52269BFB54AB9B0069C1A0F3DB98F

0
66 B

96ms
26ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=62D52269BFB54AB9B0069C1A0F3DB98F
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:51 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=62D52269BFB54AB9B0069C1A0F3DB98F
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 09 Feb 2022 14:08:50 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1644502130666&cv=7&fst=1644502130666&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=333702157&cv=7&fst=1644502130666&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=333702157&cv=7&fst=1644502130666&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=333702157&cv=7&fst=1644502130666&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
548 B

168ms
65ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=333702157&cv=7&fst=1644502130666&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=chwFYquXNOSjx_APgvKh-Ao&cid=CAQSKQCNIrLMFK4dlu5zHPUgc-GVxr8gLtWG2wofT2y7Ss5xk2tW39aId2Kn&random=4280972360&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=333702157&cv=7&fst=1644502130666&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=chwFYquXNOSjx_APgvKh-Ao&cid=CAQSKQCNIrLMFK4dlu5zHPUgc-GVxr8gLtWG2wofT2y7Ss5xk2tW39aId2Kn&random=4280972360&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=62D52269BFB54AB9B0069C1A0F3DB98F
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=62D52269BFB54AB9B0069C1A0F3DB98F&__user_check__=1&sync_id=f9122301-8a7a-11ec-9cea-1f057aaa0206

43 B
549 B

40ms
39ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=62D52269BFB54AB9B0069C1A0F3DB98F&__user_check__=1&sync_id=f9122301-8a7a-11ec-9cea-1f057aaa0206
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 14:08:51 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 121
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 10 Feb 2022 14:08:51 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=62D52269BFB54AB9B0069C1A0F3DB98F&__user_check__=1&sync_id=f9122301-8a7a-11ec-9cea-1f057aaa0206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 131
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=62D52269BFB54AB9B0069C1A0F3DB98F
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D62D52269BFB54AB9B0069C1A0F3DB98F

43 B
1 KB

283ms
282ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D62D52269BFB54AB9B0069C1A0F3DB98F

Protocol

HTTP/1.1

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 14:08:51 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d15a9943-a2d7-4bc6-b358-f009cef92379
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 14:08:51 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b858dcea-fd6a-4250-b75b-6aed0f181314
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D62D52269BFB54AB9B0069C1A0F3DB98F
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=62D52269BFB54AB9B0069C1A0F3DB98F&expires=365

0
239 B

172ms
28ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=62D52269BFB54AB9B0069C1A0F3DB98F&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=62D52269BFB54AB9B0069C1A0F3DB98F&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 09 Feb 2022 14:08:50 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=62D52269BFB54AB9B0069C1A0F3DB98F

43 B
274 B

116ms
36ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=62D52269BFB54AB9B0069C1A0F3DB98F
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:51 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 10 Feb 2022 14:08:50 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=62D52269BFB54AB9B0069C1A0F3DB98F
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 09 Feb 2022 14:08:50 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEHJIOJBF4WxNNCsH7HEM1yc&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=62D52269BFB54AB9B0069C1A0F3DB98F
https://um.simpli.fi/g_match?id=

0
320 B

38ms
36ms

Image
text/plain

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:51 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 09 Feb 2022 14:08:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 164ms
50ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 14:08:50 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame 4AA8 220 KB
61 KB 86ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 105595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 08:48:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 08:48:55 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 4AA8 16 KB
6 KB 129ms
63ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 83066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 15:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 15:04:24 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 4AA8 96 KB
29 KB 85ms
32ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 15:17:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 15:17:29 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 4AA8 5 KB
2 KB 86ms
33ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 134787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 00:42:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 00:42:23 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 4AA8 42 KB
13 KB 87ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 09:08:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 09:08:46 GMT

GET
DATA 200
OK truncated
/ Frame 4AA8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f83342ed50798b6d44f8f723999e2c5af59be6989d6233bec3bb5cc4034d58d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 139065378885652031
tpc.googlesyndication.com/daca_images/simgad/ Frame 4AA8 42 KB
43 KB 57ms
21ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/139065378885652031

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe522f08b4653a24a7f4fe9c3f10678ec703f62ec9c659148088296b131a6647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 09:10:27 GMT
x-content-type-options: nosniff
age: 104303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43316
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:58:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Feb 2023 09:10:27 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4AA8 2 KB
3 KB 57ms
19ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 16032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Feb 2022 09:41:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4AA8 295 B
399 B 57ms
20ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 15345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 11 Feb 2022 09:53:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4AA8 0
0 67ms
66ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CS7xOchwFYpLpHIOdlQfhq5TACePi7IJo9-OJs9APv-EeEAEg-5vVSWCVgoCAsAegAYbvq5UCyAEC4AIAqAMByAMIqgSGAk_QXnqH6rJiZJFu2zvGHoRiQFzOh8YEUz_r6JKo1cRqaMOI23V9K9OPci1RaXH2iDr3CmxIA3LVToIId-s299IbCh-sfZ3VpxCqlNLFqm56aHvE_DmXVdfae5gBeevgIJA-NIU47xXcOyart1Ah55ZbxVxgue8RBaUjYAbxeCdvgo7KmGd32-A3Qr00toru-CjGWRitwkHM6BIAS8tAsSrxo0aA4_t7vUv2dl2Hi9UI3q5QNYGApNNaZv99rmyZn1IDNtOeqgbBzaaTw5InF5kqLxhJfpCvZOefLHSjXoe1eb7GSJztEFwaIKcTyECZ3ytUty-19evrXPjt55q9KXPMib4AeVvABJ-G2dzaA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfikNTqAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOO0A9IICQiI4YBwEAEYHYAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi01ODEyMzU3MzUyMzM1MDc1GNuiIQ&sigh=4CAEJJvtNFA&uach_m=[UACH]
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 container.html Show response
6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D964 6 KB
3 KB 62ms
32ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 14:08:50 GMT
expires: Fri, 10 Feb 2023 14:08:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7D8E 13 KB
5 KB 87ms
42ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 14:03:46 GMT
expires: Fri, 10 Feb 2023 14:03:46 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 425E 783 B
1 KB 118ms
34ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ea069a2534756e7be05e6f8e8971a76a660fd8611b4ab2baab9a8921c3b9dae9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zMax8MwMq2EulxH/gh33Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 10 Feb 2022 14:08:51 GMT
date: Thu, 10 Feb 2022 14:08:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-zMax8MwMq2EulxH/gh33Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB9F 6 KB
3 KB 23ms
23ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 14:08:50 GMT
expires: Fri, 10 Feb 2023 14:08:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4AA8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

127ms
126ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Thu, 10 Feb 2022 14:08:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame D964 4 KB
634 B 67ms
32ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 13:20:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 14:08:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 14:08:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A56F 8 KB
888 B 43ms
33ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 13:22:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 14:08:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 14:08:51 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame A56F 1 KB
875 B 28ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 14:04:57 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame A56F 19 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite_fy2019.js

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 14:06:45 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame A56F 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 13:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 13:56:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A56F 124 KB
38 KB 152ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 14:08:51 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame A56F 15 KB
6 KB 40ms
34ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 14:01:38 GMT

GET
H2 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame A56F 27 KB
12 KB 137ms
39ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 13:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 13:32:05 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/ Frame D964 19 KB
8 KB 39ms
32ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8079
x-xss-protection: 0
server: cafe
etag: 5902764951541284931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 14:05:54 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D964 205 B
519 B 150ms
54ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:47:09 GMT
x-content-type-options: nosniff
age: 66102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Feb 2023 19:47:09 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D964 604 B
695 B 151ms
55ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:45:19 GMT
x-content-type-options: nosniff
age: 66212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Feb 2023 19:45:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FB9F 8 KB
888 B 43ms
42ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 13:21:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 14:08:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 14:08:51 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame FB9F 1 KB
875 B 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 14:04:57 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FB9F 0
0 76ms
76ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvHI1chwFYt6VHc-U7_UPjsCE8ATphNLtZ-K3lvSnD2QQASD7m9VJYJWCgICwB6ABpJ-Q1wPIAQmpAvG0RxGfL7M-4AIAqAMByAObBKoEiQJP0M5GBQdgLktRBdRS3vk4TyZsOpP5I6pKzPu-PvTYF7utni_Gap-K5iah4tDVeIQgTUF5Qandbr5eK3UYVMfTg5-YKmd0e55R1g2a0iHz6hghNdAATnQC2BtXtRnWN5jRIDH7R_oNkJ3wLC37Bg9Yu7MyEhNfq6tEYwgfwacDMWVbd3qfoCaSgoBTG_tfRTfvIDqo2SoBYUdmN8Nyt4UZFa4U4n431FjEyZLaUtT-GoAXNGLkBOZUacaiypW6d5wqnag_ooBK7Jy3XjCRc7WDXcKXbxZ13YM1Lluyi5kh5igzzVFPcIgS-M5bXKk6QMpqVVlZmC__aAeJDbyJ_H5ljd4hKXP5guRfwASbhIOk6wPgBAGSBQQIBBgBkgUECAUYBKAGLoAHxODvKKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJuVA9IICQiI4YBwEAEYHYAKA8gLAZgM54T5qPcDuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi01ODEyMzU3MzUyMzM1MDc1GNuiIQ&sigh=54wAV_ulO7o&uach_m=[UACH]&template_id=515
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame FB9F 19 KB
8 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite_fy2019.js

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 14:06:45 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame FB9F 2 KB
1 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 13:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 13:56:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB9F 124 KB
38 KB 70ms
34ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 14:08:51 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame FB9F 15 KB
6 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 14:01:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FB9F 0
0 38ms
37ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPusDuQHAw1emHgVj6Lrtiu8Jn531H_dTjaqqjDV70UmTzrLqE8k4jtpL5wbWG_dPmsply
Requested by: Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame FB9F 27 KB
11 KB 74ms
39ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 13:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 13:32:05 GMT

GET
H3 200 18337706635704523187
tpc.googlesyndication.com/simgad/ Frame FB9F 854 B
881 B 28ms
27ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18337706635704523187?w=100&h=100

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c102dc9ea54b18f18d2471bd0586f779fea8ad12c86dcb5264d89872562c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:56:55 GMT
x-content-type-options: nosniff
age: 249116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 854
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 13:18:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 07 Feb 2023 16:56:55 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 44C8 143 B
163 B 60ms
59ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 10 Feb 2022 14:04:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 425E 0
0 176ms
95ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020801&jk=1280146948118411&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 gzxFwBIDWVjrNRUrZhLg_NzoVxp69M9kEQUe35bI4iA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D8E 35 KB
13 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gzxFwBIDWVjrNRUrZhLg_NzoVxp69M9kEQUe35bI4iA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

833c45c012035958eb35152b6612e0fcdce8571a7af4cf6411051edf96c8e220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13673
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 22:07:49 GMT

GET
DATA 200
OK truncated
/ Frame FB9F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb396162f36f0e17f645c7a85fa3f03ee53e68b150186d1a55d6309f06e6e9e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame FB9F 28 KB
28 KB 66ms
28ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:14:29 GMT
x-content-type-options: nosniff
age: 158063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 18:14:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 44C8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

140ms
137ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
URL: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 14:08:52 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 14:08:52 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 14:08:52 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7D8E 0
9 B 20ms
19ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?209Q-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:08:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020801&jk=1280146948118411&bg=!EBOlE1fNAAbS3PJy0tw7ACkAdvg8WipYTP3UpAh65Fojw-M4SoLXCqEK2HrgY4QWv9e15n5A7XFDDQIAAAEMUgAAAAJoAQcKAICvj0twyZnkE7yQQtaZiiT5RPZ-dP0f44SoDgqlrdCUS4TKkncUPGfv8rXA92iWk50Q984qinWYuXR6lnCE7uBeRegGjffQetczODCDXtax677S1aD2j0IFU7d0Rns5VzTRArDUOxxAB54N_sHfgbAViMQ56miSoERv6C7seOIDEJkChw9fI8dYHLjE-XaAes7FXTf4Fdrp7htF9GFtmf-wgs_BvZgwihg_pzdsg9ghU_X1yz1SKRD7-fnjSdMmvXQ4N5arUhtIDCLTzMy-Ta4sxCc9Ic57d_isn_c2F4EuAT_B38DkPPxfM_a0A9qiqZFds3EpUYAe7e03Pank0vZTTqnQdD7BqSz6rRfDITSKZ7RkIV5qqVmDtxkDf5G7uBh32rSJ4bRvRdnYz8zLezcYK3iN4NlmQ-mZjkOZg6U7Sq0ooBQlAFndtPWoB7p4-iOlYTHOYbaiWVvwnt_W8lRecsUd2LZ22pr23-JWDsB0DrUSlBht0gmzqnXFsv_LxJHXiflTJR8YKP7J7dp5Kna33rSEbHWAHD53qvuNSxKv0IMyn_FsPRtHntZMDQugnRNnHsBXixT6zvEEEcAAVbW6cc7fj5j55tWAuElxhbA8fWb5BR0wEZ0_3ONyZZ-v4par9Z4kdD4MTPlVKCs1T_UE6A7S3qadSBGThj9fe-t2aUSg7HMcZBX4-L2FmkUFiouELjrSIm-cyC2K5OAtwSz26i_sGr9el9wumzNQvWDrA4-ciuSfVLItJIOmQhdyJsmKxPEjFCoXMWatq9mNOcSw_q1iID5GqUy9G8SVNbihQtB8g4mqqBtRnNUZb6bVGrxbQJaBdAKt0u-do2AxZlyIaQpmmpRJUH49rKfZfaYghTnTTsu-XggvM2-Xgtc7H-yZ3YTpD_0yHUBDvxu_YhrIhqmCF0ShFBqrp2N15ylpaENU0_Cx4v-ccWrejEFQW0F3uehUsCNaLjVCSNa9sZl-_XF8_CgudcyCCRrP4IbKvsyspf4-Hm1l0b5aVq88BFiR3SfGPsnKkP-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4AA8 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPsMcjGUXBwG6_KxxMTZ0sY43RwiLmVHQsag6xfcv1V06r4TO9NW0jyASG3uI7nQrCBAJlZauG5WUmC_-9vi_aAN3tS5c0Pc4DA2Xi2qZ7a8DDeJDfqw&sai=AMfl-YQOFrrAeD6EWqr-puWXmB3vNMJ5lALmWIdL4Ew17nxlKZME-ZnFySTf_0ag-6a3TrYlHVN0d-UM96qdKLE9YNja2KEXidLJU1byaKWk5Gm--BYxBF4x348Gdi8x12g&sig=Cg0ArKJSzNA4Q2XFyxEhEAE&cid=CAASPeRo1Undr3_ugUk9YGv2ivLN5YYSq7KkCmQAwKggauhZNzmqYIdQPoOugWMqNGjmWdVeBsmY1RgtnmR9I0M&id=ampim&o=315,684&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=920&tls=1920&g=100&h=100&tt=1920&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2039479053

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FB9F 0
0 84ms
58ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBmQjchwFYt6VHc-U7_UPjsCE8ATphNLtZ-K3lvSnD2QQASD7m9VJYJWCgICwB6ABpJ-Q1wPIAQmpAvG0RxGfL7M-4AIAqAMBqgSJAk_QzkYFB2AuS1EF1FLe-ThPJmw6k_kjqkrM-74-9NgXu62eL8Zqn4rmJqHi0NV4hCBNQXlBqd1uvl4rdRhUx9ODn5gqZ3R7nlHWDZrSIfPqGCE10ABOdALYG1e1GdY3mNEgMftH-g2QnfAsLfsGD1i7szISE1-rq0RjCB_BpwMxZVt3ep-gJpKCgFMb-19FN-8gOqjZKgFhR2Y3w3K3hRkVrhTifjfUWMTJktpS1P4agBc0YuQE5lRpxqLKlbp3nCqdqD-igErsnLdeMJFztYNdwpdvFnXdgzUuW7KLmSHmKDPNUU9wiBL4zltcqTpAympVWVmYL_9oB4kNvIn8fmWN3iEpc_mC5F_ABJuEg6TrA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfE4O8oqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQm5UD0ggJCIjhgHAQARgdgAoDyAsBmAznhPmo9wO4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTU4MTIzNTczNTIzMzUwNzUY26Ih&sigh=X0qalDwQ1W0&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FB9F 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDwsYxd4XdmKhYq4YZQEjC8M0d3ccvCCBCeS0nevEqRe3ITk__mwEMHVL-0DBGBZYk3skjWYG1tfT-ZNwevzSukhOrWgR3CpmUJUSQLoswaTuDsaObYNLsI-OsMK3RSTpuA2Us8FsXv5Y-H9cP8_l-2KCvX0L3hQ&sai=AMfl-YSNU6s_8V_T29mzp7zrpmVmi1Ksmly47sOPwlD-V9FVo7u0ORvip1yOVDJq68Fr_bH5pYf2lDM4nPabUvKU7GguzdQMVuVSZPP-xWXB_JfdOgJ4vWDiCgkYeQROXFZs&sig=Cg0ArKJSzIYHrwWk5CgTEAE&cid=CAASPeRoafqZWc_aGnoUVSDUw_QTrUA7tg5iwnaT0p24iawa5KHYQpNY0UMuq3xUMFMWF_kggxjB-SyzpI39Z-Y&id=lidar2&mcvt=1001&p=55,561,145,1289&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2039480262&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&pay=1&rst=1644502131121&rpt=952&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 14:08:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 332ms
101ms Preflight 3.227.250.215

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Origin: https://www.newser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-amzn-RequestId: c4d51e9f-7fd2-2228-9eaa-00284fc8ede2
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Date: Thu, 10 Feb 2022 14:08:55 GMT
Content-Length: 0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ 146 B
582 B 111ms
111ms XHR
application/x-amz-json-1.1 3.227.250.215

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3716845f6e8ef1441ecb7ec0845b577b2e7ef2b62b76990a68151617dd8d2e42

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIA44GIABD57PYVUX6G/20220210/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=91d990301409d675f4b1c175f4733ca3087c8b2c3738fcda838045c262128310
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 65dff5ee6810b245d67e66c75aba49c5bce85308dd5a9de88fbe8b1bc3a4dc45
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://www.newser.com/
X-Amz-Target: Kinesis_20131202.PutRecords
X-Amz-Date: 20220210T140854Z
X-Amz-User-Agent: aws-sdk-js/2.387.0 callback

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
x-amzn-RequestId: c291cc22-40ef-65ef-98ee-d29570f5aa25
Date: Thu, 10 Feb 2022 14:08:55 GMT
Content-Length: 146
x-amz-id-2: +ZUbFJs0aKdC3c3ibKDrHTMYPGbe+bttbUH85OV6re+o2nofdeY6eUzralb3ZnevJ+ZXhrigYrFUJ8VGSI5yF0B8XMnriu7/
Content-Type: application/x-amz-json-1.1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

638 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newser.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: zzup4yfkrv4zjhlylkanbgxh
www.newser.com/	1970-01-23 16:24:22	Name: USERCREDENTIALS Value: EMAIL=&PASSWORD=&USERID=0&VISITORID=1561185119&VISITORCLASSIFICATION=P
.simpli.fi/	1970-01-20 09:35:24	Name: suid Value: 62D52269BFB54AB9B0069C1A0F3DB98F
www.newser.com/	1970-01-23 16:24:22	Name: PWA Value: N
www.newser.com/	1970-01-20 10:14:17	Name: __atuvc Value: 1%7C6
www.newser.com/	1970-01-20 00:48:23	Name: __atuvs Value: 62051c6fa6742429000
.newser.com/	1970-01-20 18:19:34	Name: __utma Value: 116631449.151998209.1644502128.1644502128.1644502128.1
.newser.com/	1969-12-31 23:59:59	Name: __utmc Value: 116631449
.newser.com/	1970-01-20 05:11:10	Name: __utmz Value: 116631449.1644502128.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.newser.com/	1970-01-20 18:19:34	Name: __utmv Value: 116631449.\|1=PWA=N=1^4=OrigRef=direct=1^5=UserClassification=P=1
.newser.com/	1970-01-20 00:48:22	Name: __utmt_pageTracker Value: 1
.newser.com/	1970-01-20 00:48:22	Name: __utmt_eventTracker Value: 1
.newser.com/	1970-01-20 00:48:23	Name: __utmb Value: 116631449.2.10.1644502128
www.newser.com/	1970-01-20 10:17:10	Name: _cb_ls Value: 1
www.newser.com/	1970-01-20 10:17:10	Name: _cb Value: LO11sDtktR6BD30by
www.newser.com/	1970-01-20 10:17:10	Name: _chartbeat2 Value: .1644502127900.1644502127900.1.CaRPAlD87XraCLvGiZBkcsYneo9Ol.1
www.newser.com/	1970-01-20 00:48:23	Name: _cb_svref Value: null
.scorecardresearch.com/	1970-01-20 18:05:10	Name: UID Value: 137e124f5a1e2cb38be4bd51644502127
www.newser.com/	1969-12-31 23:59:59	Name: g36FastPopSessionRequestNumber Value: 1
www.newser.com/	1970-01-23 16:24:22	Name: AB Value: N
engine.4dsply.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
engine.4dsply.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
engine.4dsply.com/	1970-01-23 16:27:14	Name: IUID Value: 1ca09efc-edd6-416b-8fe3-55747b6ddc7a
engine.4dsply.com/	1969-12-31 23:59:59	Name: ISSH Value: 6130D0
engine.4dsply.com/	1969-12-31 23:59:59	Name: VMI Value:
engine.4dsply.com/	1970-01-23 16:27:14	Name: CHN Value: #[]
engine.4dsply.com/	1970-01-23 16:27:14	Name: MSSH Value: #{}
engine.4dsply.com/	1970-01-23 16:27:14	Name: MSRH Value: #{}
engine.4dsply.com/	1970-01-23 16:27:14	Name: ILP Value: null
engine.4dsply.com/	1970-01-23 16:27:14	Name: ILPLU Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/	1970-01-23 16:27:14	Name: ILEALC Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/	1970-01-20 00:48:36	Name: ILMPF Value: #False
engine.4dsply.com/	1970-01-23 16:27:14	Name: IPMPLU Value: #
engine.4dsply.com/	1970-01-23 16:27:14	Name: IPMUID Value: #
engine.4dsply.com/	1970-01-23 16:27:14	Name: BSWUID Value: #
engine.4dsply.com/	1970-01-23 16:27:14	Name: IBL Value: #[]
engine.4dsply.com/	1970-01-23 16:27:14	Name: ISH Value: #{"1148":[{"SId":"6130D0","D":"22/2/10T6:8:48"}]}
engine.4dsply.com/	1970-01-23 16:27:14	Name: ISH_Q Value: #[1148]
.addthis.com/	1970-01-20 10:14:17	Name: uvc Value: 1%7C6
.quantserve.com/	1970-01-20 10:18:36	Name: mc Value: 62051c70-a9a11-06a65-b832f
.addthis.com/	1970-01-20 10:14:17	Name: loc Value: MDAwMDBFVURFVEgyMzAxMTkxMDAwODAwMDBDSA==
www.newser.com/	1970-01-20 10:09:58	Name: usprivacy Value: 1---
.newser.com/	1970-01-20 10:12:50	Name: __qca Value: P0-150734026-1644502128559
.newser.com/	1970-01-20 00:58:26	Name: __asAB Value: false
.simpli.fi/	1970-01-20 00:58:26	Name: uid_syncd_secure Value: true
.doubleclick.net/	1970-01-20 10:09:58	Name: IDE Value: AHWqTUlG_sS_bGIqsQDjndUB3xCSJjofcFSUA18iljMCnJEAVt6gCUMyFuqJaeuWVns
.exelator.com/	1970-01-20 03:41:10	Name: EE Value: "c1a5448b68bbc861b5014ca16348e054"
.3lift.com/	1970-01-20 02:57:58	Name: tluid Value: 3875523001121782652600
.agkn.com/	1970-01-20 09:33:58	Name: ab Value: 0001%3AiW2vuDLv6vHjtwmOvT9Ys1C7%2BqPh0RYH
.tapad.com/	1970-01-20 02:14:46	Name: TapAd_TS Value: 1644502130995
.tapad.com/	1970-01-20 02:14:46	Name: TapAd_DID Value: 8c7783ca-5291-4ebf-a016-1971327e4e05
.newser.com/	1970-01-20 10:09:58	Name: __gads Value: ID=b478a38ad394b5a2-22af94eb3bcd0052:T=1644502130:S=ALNI_MZvucI7E-ra0zmQJjJl6CvKcb9eRw
.spotxchange.com/	1970-01-20 09:34:02	Name: audience Value: f91222a6-8a7a-11ec-9cea-1f057aaa0206
.adnxs.com/	1970-01-20 02:57:58	Name: uuid2 Value: 2166071989690646231
.tapad.com/	1970-01-20 02:14:46	Name: TapAd_3WAY_SYNCS Value:
.exelator.com/	1970-01-20 03:41:10	Name: ud Value: "eJxrXxzq6XKLQSHZMNHUxMQiycwiKSnZwswwydTA0CQ50dDM2MQi1cDUZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJiSX5RZvoiF9fFRSlpDItKik8F7y%252F8AwBe0yot"
.agkn.com/	1970-01-20 09:33:58	Name: u Value: C\|0AAAAAAAAKZfY8wAAAAAA
.pro-market.net/	1970-01-20 05:07:34	Name: anProfile Value: "-1en9u7ikuh42s+1+1f=1+1g=1+1j=41+rs=s+rt=20011B6010100002101168B38DD228E1+s2=(r73dyr)+vm=24-62D52269BFB54AB9B0069C1A0F3DB98F"
.pro-market.net/	1970-01-20 01:31:34	Name: anHistory Value: "-1en9u7ikuh42s+2+!#7%/!L!)VW"
.crwdcntrl.net/	1970-01-20 07:17:10	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 07:17:10	Name: _cc_id Value: b0361832d39a6fd4590f7573e51b720c
.crwdcntrl.net/	1970-01-20 07:17:10	Name: _cc_cc Value: "ACZ4XmNQSDIwNjO0MDZKMbZMNEtLMTG1NEgzNzU3TjU1TDI3MkhmAIIkVpliEA0FADTuCUg%3D"
.crwdcntrl.net/	1970-01-20 07:17:10	Name: _cc_aud Value: "ABR4XmNgYGBIYpUpBlJQAAAL8AD3"
.bfmio.com/	1970-01-20 09:33:58	Name: __141_cid Value: 62D52269BFB54AB9B0069C1A0F3DB98F
.bfmio.com/	1970-01-20 09:33:58	Name: __io_cid Value: 9605f6bd5cb413db2a2f06c4df475f90fb8ba1df
.doubleclick.net/	1970-01-20 00:48:25	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 02:57:58	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2In>o/.#(!]tbPl1N!7OnM$=BWnseVQzQglSZ]foj<ZfoW?Lcx9`i-b^Vk^yyadK2y`R`^]t/X%W#.wL4W1Qw1u:mp.i

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=62D52269BFB54AB9B0069C1A0F3DB98F Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=62D52269BFB54AB9B0069C1A0F3DB98F Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/400646.gif?partner_uid=-6666176098133785828 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6c6c8ffd3020779a929aa880eb1857a2.safeframe.googlesyndication.com
aa.agkn.com
adservice.google.com
api.ipify.org
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.ampproject.org
cdn.engine.4dsply.com
cdn.intergi.com
cdn.intergient.com
ce.lijit.com
cm.g.doubleclick.net
config.playwire.com
connect.facebook.net
d.agkn.com
eb2.3lift.com
engine.4dsply.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
img1-azrcdn.newser.com
img2-azrcdn.newser.com
kinesis.us-east-1.amazonaws.com
load77.exelator.com
loadm.exelator.com
loadus.exelator.com
m.addthis.com
mb.moatads.com
newser.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
rddywd.com
rules.quantcount.com
s7.addthis.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
ssl.google-analytics.com
stags.bluekai.com
static.chartbeat.com
static1-azrcdn.newser.com
static2-azrcdn.newser.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
syndication.twitter.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
v1.addthisedge.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagservices.com
www.gstatic.com
www.newser.com
z.moatads.com
s7.addthis.com
104.111.215.191
104.244.42.136
104.89.31.187
108.157.4.80
13.248.245.213
142.250.184.226
159.122.14.34
169.50.137.179
185.33.220.242
185.94.180.126
2.18.235.40
2.21.140.111
216.58.212.162
2600:1901:0:8eee::
2600:1f18:612b:4216:1314:397:4325:f0c1
2600:9000:223c:3600:1a:1459:5cc0:93a1
2600:9000:223c:ce00:6:44e3:f8c0:93a1
2600:9000:223d:a800:14:2602:6e80:93a1
2600:9000:2250:9600:12:4abd:d340:93a1
2600:9000:2315:8800:18:1fcd:34f:cdc1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:9f11
2620:116:800d:21:ee05:6a01:4b41:8c89
2620:1ec:46::44
2620:1ec:bdf::44
2a00:1450:4001:802::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9a
2a02:6ea0:c700::2
2a03:2880:f01c:8012:face:b00c:0:3
2a06:98c1:3120::7
3.122.111.84
3.227.250.215
3.68.148.208
34.254.143.3
34.98.64.218
35.227.248.159
35.244.174.68
40.114.51.62
52.208.103.128
52.222.210.175
52.222.214.69
52.48.241.99
54.175.247.53
54.243.106.181
54.91.59.199
69.173.144.138
72.251.249.13
01055ef0971fe2b7613481c4aeb7a470a12bdc12ab4dbcaaef4b3c044f30aa3c
02886fbfa96b36521df6d0c8e243d962fb9992f29d67247dd30756a9589d568b
03f63118e0ab22bf9737008e152baed9725ceff2aa0bb9a0f28d66c0ede24541
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05861820d5bb5ccf74b74c3292421fbb39dbedbcf048ffb1ce1fb3e3514ed853
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
09fd14e6cb64274417ca67fa02eba570db41af0749d3db2cf5eccc997a02c813
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ba9f44ad8620e01479836ff1c5ff7a4da26357eee3867f12fbd8d8782a82daf
0d9a9704984f4cc30fd74f3c52b8ef597299eed14b430d20efbef27cd967e390
0dc6ed5bb38d97d421b0cab891baacc5262b24d88dc0dcb61c6c3adbd3ff4527
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13aff0812c49276fdb1ef2b2292b396ce5e3325a7c13e9582212577d2f0ce975
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
157c6d06b46ee335d2c7f7bdcc76578b258a32030d18adadd6b2c85a31c8f4eb
17b642455daa38d205e7531e28e4bb9b9d58ef5a10d314182238cbbd88f1e3ff
17ffc5c006a036e40951e7b25d58fd24fed4612ea38d3834b3cc78066bf3ec0c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1846ca8d37dd7aac3fc217e579d1922142aa9e3ee189d321f0f764cd9252a4b2
185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e
185c30b8c8df4dceba339220aa4f959e85491691f57a431f37ee5ecb36f5fc52
18949d4a39f9b936e01ffc712f63479f00dd2b2787d1adece606bef85bcbd43e
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0
1d2eadbbeb8f721530090eb5f13b3cf7f0135f2c98efaf8dec97b14172837d73
1dffd76afd4bbbb8e0bd53d68b19afd5d9baa3ec80151664427f3a06ed5822f0
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479
1f83c6e52f7fb3a2096f808d8c40707450718934e76babd06b406d60447c6285
1f85847121f1ce57df31bb67a0c839db231e07a65e03d10f05e94fb8f7aad3a6
20e4238f1c28be6ee9392bb30a94b3a38d3114828a8ad057821f63ed68fa2159
21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228
21aa45f9c2482606f03d1da70506b083088308868b93359e8dc764d31d4c9556
24859012124ced0182ce574c576dd12890fe364cbce6e7e5366d93b0d020160e
282e5129aa662303af722b9cbb666f030c8999af37995f02c2d04dbd69f75647
297780bbdceda3c80c1d27566362ed38b771c288ccb9e420e6106b4058996ca0
2afbf9615c6874ba1d3595241e1f73e4a76e7665b5b09aeddfc31ec01e4ebbd3
2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762
2c0719edc0c757c9d13142d8b9f14f4b3fccbeeb7767daae9d1e7ecc7d214396
2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba
2ff8684ee0e3acfe08494f09ab05494bc7cc842af6834e3877eb160a949f0c7e
3018a5afc915e1bffa9bc4d1dcc657c56603cbebb623a4d7bc9252d3cf3c2490
307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb
316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a
31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b
34fb7558484649970c8f43cadf0e8ff3c7ec1710c705bd4ee2af9be7b8a9d059
35492a87c4890844d74421e987420d971ead965292333dfe959060794f908c6d
354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3716845f6e8ef1441ecb7ec0845b577b2e7ef2b62b76990a68151617dd8d2e42
37dc1bf9b47d3bea561b7ceace460779692cbcac891974d39804ddbc51b6d5cd
395a23dd18c7921f8e1daf626d94ce2d24a4b6db80a4a20f621f87fc2a5a8bea
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae
3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5
3c6c6fb5ffcb10c3fd6f71f33c0f2cc36e52fbae6edd291a8e83f96deb746206
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec96e411c10a7ecd0c531cdc668fdd32e9591b19722367f347d718e9fc9e500
3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e
411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768
41a8a336d2c79e9dde32f5a589309d17a0844bacb6b5b2d740ca4e42ee2b4f4b
4294b6529a932126f0842e940aebf8b66922fcd529df583cb1fa548370b35e40
43aec706c5373a214bad13f63e6e4d0346cb44e1a9e69ab1926ea0e466c75869
44311cab762ee5e31a1b18bc02afb77833e71c2f7cd3c01a65c6d5fc404cbafc
44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf
4578ad9e563dbdb7266bcec42de9bca2b47d5a22c20ded090f966cda810f07da
4731b38dfa44ddce1b9287b70fec361eb89bd04b86b6bf250e097aa465f5b66f
47c2a72a84c25a712f2b3578382819a0f10e1d9d781edc91b0b610ab49d50aa3
487d497fea7fd79be4e6487ea5a363a9212cd57a0cd05db7821dee613fa2566b
4ad26361ed07b718da2b56975ac62e57a2332807dffecaedf37a55832800acfa
4adb50594e4de53aa8cfc64c3101022ca2975543a0fa1cb3ac3e3aa8a12c8cf9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dee8d0964077ebd8e97439ceea1ac631a0a96108547f51662a0abe472058b32
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e42171e76b77a3c197a7341199635ebb402ca532da70c70d3b0fbc3a99fe6a4
4fb26827a4eb25267b4722f8483b4a772b2976d0c3e4b7426f68a46d3f9279e1
50c34901c1aed81889c94ca817b50dd7103bb723548ab3df8c386b9c37356d77
5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1
51c102dc9ea54b18f18d2471bd0586f779fea8ad12c86dcb5264d89872562c66
52fbc8c7a9fff04f94f110116156894fa4ebcce60430c036c9181e5e7563a963
5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b
54816aee5bac6e267870af1a3748d27f8d9875247bb84c40b018c28348cf203c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5643a770f9a88db4ea5d356ae4ebaa7e31badfaaacdd396c090174b3d84c8e84
5b1e8cc976bca45e8dfbd20acb619fb4c0cdae37489b3013967a073464fefeef
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8e2b63593c31e87391f96f1a9b4b1c19b67966e560256a40cea1ac6c51307b
5d6ca91a73c6e81f9f19a486b78453f604129c5d0578ba4f5001bad2c5f92b4b
5f83759101de21742ea86e44aee05aeb189f7c03393f3b9a09d7cf4155772512
5ffd70a3a5541b208ba50191a6ebcff5ce32e820a3350d710b94d0dcd5bdb302
6018c5f742fe70dee691aa0c4d3e9c3e55d2afc7198132e40d5f5ee1d082b674
607a2fa0cd9f2f544f9ef9984dade24ca7932cd4774a3d9a20475ee55f4038e4
607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec
60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc
610b5867b25349d5a425713f4dcd8e8517419d12eaecf8019135ab7c47dbd249
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63fd621066b82120c129ad9b1bd9d83bf29b337781f4bef75d356e63c008ca3b
652f45a243a2b7d05e9fa40535b55626458b737aa964a3e631e758a0e3effc3f
6585ad79553feebae65872466c71015c90f93d523c48a4cf620c73548c65d8c8
67b9b69d2de45d1755e4770fd70b05d8060e4677f2689776161c541990012184
6a851018217b9b82c42ee40fc19da2cebeef9e015fa16af92de592a757a2c930
6adac3e6cebe62d0e7c72beb62adb76c392b32b4b650294c770f8141899529f3
6b048b22e5cb93a6809a1da3c04d74b9544f70a730881d6c47ec42b74044aa7a
6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14
710e557328caaf4cc6879abf110102ce8d91cddcd23a3222dde246e8f2d65b50
7247d1d894b849557fe28092ea33c57e473989376a7837c347e151204d210d2e
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
744ff6254931a61a024f766c0abbcba8513222248f3799550e7a344869b32143
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76d47e94f81b97aec80a56aa775f1bdd8dbc56d34e47a775bdbe0e956fdab43a
78e0379b30707129cdeb8eddaab464d6a24d46bfaac119b7584d500ed981d01f
78e713d61e23a0c14f9db06d281b5a27b90e00a33080a80e56451f27ecbc87cf
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bcc99f34bda6777489d7444d9d33afac455ee75213c421cc5dad7fdb6a7c92e
7bda06ceb6033d33431204d748885340036b36f20756876f2d06a0a309e8c9d1
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95
7dd797ef6ce230e9bb19efbfe63a5dcee0e08a00cd6c7b75a151e8ac3de98816
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833c45c012035958eb35152b6612e0fcdce8571a7af4cf6411051edf96c8e220
84aa86ee5490f3247ae99f2cc968823f81dfb0500f6118dca036499d16ac1bd0
855f1ce0e81fa24e05ffbc5193f6c2fd3716819078d9b64684ddd4cd6e95a53a
870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed
8719e20ffd509f93b8152944bdca492f4374157f581945e5f1d8669e4bc5583d
8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192
8bb173f860cbb01cec39cc694d74849f6421fc288a7962c9be29fefa76a58a2f
8ebe1d8db3728671f25db9305af3cd6be118740cfe1528ed5f5f0a25a7104ace
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
8ffa89579cea903c174de2a97fd2465b39ea3c8658c2b71cf47d01442b585f1d
912c556529d3560251b6a0a40ada424f1520edfd206838090667b02bbed3d19f
92d5346749042e95975ac2df1c850d5d3c0ea59460abf843ca269583a2efe1d7
94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41
978f69abae4d7fa60114fcea9ee790caa3599e4aa961d630bf8204e8ceb883b4
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
991fe74259223f99727fd1e7b1b4e9ed4cd555c48853cc730a5ec36899b78e81
99383a41ff60b647f0d39204cac36519e84a2b0035cf5de8dafbd6ec5acc38b6
996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269
9a2f10dd2b10c4b801576563a39f54921f00ab8467844ff8ca0247745049350d
9a7070750fc92774e2f5034558dea06e661b18a9cd1d35274c3dfbf60a381312
9a79eb4b02ec5ed2db619ac01924fdb1a4582a4e03b87be63d2869b691e6fb07
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06fb4abe16babaaeadb861c94d91f0ef01155bf0968f05eff8cb473655dbc53
a0b276ee08796d30bc32a3d1b73bd35730e6a42791937131592e28d186d999ed
a0b3e026c45205f24a8833bd01ec72b93ee872afaeed807675d9a6bac10c2ee5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86
a15c1fbe65bd22ff2b95aa7554e66a252abd68e3956432a76c07cef01fbf05dd
a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a46565f75fd51d361f1f30b6296e1f259a7dbeef6ef7f5ab7b87f72512d8fea2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5ebbcbf3ef436203733d88eae3d7dbfcb95fe4e7738753e41d025b4423b8209
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc
a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6
aa7b879b43dafa713fa3845f06645d6d5da9bf17726b2534c0b824149aa4dbad
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae
af77a5d8807becf834681ebcd01206b1b9cbd208f101efb6fca81036e2aad964
afa332c79548bd91db4149e3f235abd7e13cbb4411b9144bc5d7050202193551
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
b601706462796e8e94fbd9880f60f3c699c3d0457a4b89fb53e4ce7fd00ad3c8
b82f9f3851248e2a1edda6d5d270a4cd369e5872a93c289d2afb500708139175
b9d6f21170b1832a2bf376303d65478f8b351dfc121ca5c45484408c58720a45
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb277af08e236531f4a598a7ff279ebd5770ffd5f5d43d4a68b1a238920890ec
bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703
bd600ed5853d0bf793be53ad0c5267c88da6851238dd8975474e818aa09546d5
bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0
c001e6bdc104571f38cf9dad95263033fa4faab363f28a030d9de2a362ca22ef
c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791
c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f
c1c410ec6e79ed2c707ff01022888f427ff0480d03c66fbd11bc5ced5f28c36e
c1cd0ca37c6926b07d722bb7c153ed3137054ca53672f947de08edcc9cddd13b
c21ff3192471bf1d4f68708aac54eaf59463429acf1906a544cf3c12702e6edc
c2e4d9fab5b18fb69a5b1ff202eab2de1ba21a4e98f1adfef83009f69d865992
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c85f418b58dc4db60034c36fefb465140df4a1bc710fcf1699772786550fa623
c95cd9d436e7cf0e70d691d81a7dad1f19a2ae82c493f7f104b8126508596a89
c99190b8d37e8fb2b6324eb7d320bec6dfcadba4114ce999c2d9bbc9cad16180
c996a2172ff025b38c72d8b88c97f1f15a2708ca05a4651244285e965c4d913c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb396162f36f0e17f645c7a85fa3f03ee53e68b150186d1a55d6309f06e6e9e4
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cd3f891740402d04ebd073342a387646ab222d64c56f153096343e63a5b181f0
cdf12080db9032976cfc9aa19395cab73b3f3598b49e1d0a6c0a75cd1ed8edc5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf622e740fc0675d3a5ad8d815b6683c9275ef07cd1204e106d295e0250ca496
d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c
d53d5934c2dc6626071dbc01721a80dc8717d6bcce03c6dcb544dc1ffef6937f
d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3
d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211
d9f2af4bf1a7d93ab352bab7209c5020e3568c3ccd5eefbe0254bd5c3ae0ac9c
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc
e42acb7ff244181dcbd7f7797db80465a8f70e543dc30d6b275eeef835c670d9
e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f99c73f77e7e856dbde649c3c238695d2cba750eb5eddf39e659f4bbd74cae
e648b2f4beaaa6533dd4fff5bd87b3888af517b914aae5b8cd17e2518f3cfe60
e7644b97cd15d541ee8efdddbed25a37fd42fc7cd93ac63b12eed0769d09ab2f
e867f87111f65396a5f4b097ad0e96f24add74dae047836d1ac1a2eb02c83f55
e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5
ea069a2534756e7be05e6f8e8971a76a660fd8611b4ab2baab9a8921c3b9dae9
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
eaabab8c24b72d06a81e683e79aa6cee9794568cfb0d11b701679e23c977cdf6
ed8d47f657eb5585214a083e742d89d7b876a3f4ca6428cd539beaaaf870ce11
ee315c1f301201947e15894061ed8c938cf9fbbc9e579051ffbf38d20dcc1514
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3
f24d5ceab16df0ebe74b3ea625052977a5835f6a85d978a6276905392937ee42
f26f3eeb486923290a6185ee718db5aa71e45f02b5d1de24f3027ceab65e9bd6
f2a246b04737db2c995c2182a97b667ca0ebc2792f7dcb1d6833696db75b059a
f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc
f7757ecd11b43d67f4285261688b539b331b0a94f4352776db0983fdb09c5ee9
f83342ed50798b6d44f8f723999e2c5af59be6989d6233bec3bb5cc4034d58d9
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789
fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fdd60a0f9993c5dca2b7018550bdb97f584e780ccf7d96e56420ad0c3afc0e85
fe522f08b4653a24a7f4fe9c3f10678ec703f62ec9c659148088296b131a6647
febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8

www.newser.com Open in urlscan Pro 40.114.51.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

281 Requests

92 %HTTPS

49 %IPv6

47 Domains

69 Subdomains

56 IPs

5 Countries

6451 kBTransfer

11083 kBSize

67 Cookies

4 Outgoing links

Page URL History

Redirected requests

281 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newser.com Open in urlscan Pro
40.114.51.62 Public Scan

Screenshot
Live screenshot

Full Image

281
Requests

92 %
HTTPS

49 %
IPv6

47
Domains

69
Subdomains

56
IPs

5
Countries

6451 kB
Transfer

11083 kB
Size

67
Cookies

281 HTTP transactions
2 data transactions